30 Jan
2012
30 Jan
'12
2:53 p.m.
Hello,
On 1/29/12 2:53 PM, Daniel Pocock wrote:
This post will probably end up in Google - so people will find it that
way (including me, when I've forgotten this little detail at some point
in the future)
It's a little bit different in Apache, where the user specifies a file
containing intermediate certs - many of the CAs give instructions for
adding that file in Apache, but they make no mention of
OpenSSL/Kamailio/concatenating everything, so I imagine people will get
stuck on things like this we can include your notes to the readme, they may help
people looking
for same subject in the future.
If you create a patch against a docbook xml file in
modules/tls/doc/*.xml, adding a new section or to Important Notes, then
we will commit.
As a general policy, we are happy always to get improvements to
documentation, for large enhancements we can allow git commit as well.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda
Construct the PEM file in this exact order:
cat server.example.com.pem> chain-server.example.com.pem
cat inter2.pem>> chain-server.example.com.pem
cat inter1.pem>> chain-server.example.com.pem
and then, in tls.cfg:
certificate=chain-server.example.com.pem
This applies to almost all OpenSSL based implementations. But it should be
documented somewhere.