@IM website record (i) = "Free HTTPS certificate"

@IM is a timely communication system developed for the purpose of facilitating the impression search network. Now I'm going to open up a column to write about the dots I've been experiencing in developing this site. This is the first article: Free HTTPS certificate.

Free HTTPS certificate Online search, basically positioning start SSL This HTTPS certificate service provider, mainly according to the following blog to apply for a certificate:

http://www.freehao123.com/startssl-ssl/

According to the blog guidelines, to apply for a certificate, mainly including two files:

im.impress-ssl.keyim.impress-ssl.crt

The application of the Im.impress-ssl.key is to include the password information in the inside, can not be used directly, in the use of Nginx authentication, it is necessary to enter the password, the start nginx because the password can not be started, will lead to failure, so need to remove the password information:

OpenSSL RSA- in Im.impress-ssl.key-out unpass-im.impress-ssl.key

This is basically possible, but, Start SSL will be in Firefox, Opera, IE will report the certificate does not recognize the error, only chrome can recognize, according to the following article, Http://www.gaojinbo.com/nginx-https-%E5 %85%8d%e8%b4%b9ssl%e8%af%81%e4%b9%a6%e9%85%8d%e7%bd%ae%e6%8c%87%e5%8d%97.html

==============2009/11/26 update===================

In STARTSSL forum See official said firefox3.5 not support is because not configured. After the configuration resolved Firefox 3.5 does not trust the issue of the certificate, Ubuntu Studio under test passed.

The step is: Get Https://www.startssl.com/certs/ca.pem

Get Https://www.startssl.com/certs/sub.class1.server.ca.pem

Cat Ca.pem Sub.class1.server.ca.pem >> CA-CERTS.CRT

Cat Ca-certs.crt >> Security.cer

All actions performed:

wget https://www.startssl.com/certs/ca.pemwget https://  Www.startssl.com/certs/sub.class1.server.ca.pemcat ca.pem sub.class1.server.ca.pem >> ca-  certs.crt# is the information to add the Start SSL service cat ca-certs.crt >> IM.IMPRESS-SSL.CRT

Add SSL to Nginx server:

   Server {        listen       443  SSL;        server_name  IM.IMPRESS.PW;                                                                                                                          Root    im_root;        Index   index.htm;        Ssl_certificate      SSL/im.impress-ssl.crt;        Ssl_certificate_key  SSL/unpass-im.impress-Ssl.key;        Ssl_session_cache    shared:ssl:1m;        Ssl_session_timeout  5m;         Ssl_ciphers High  :!anull:! MD5;        Ssl_prefer_server_ciphers on  ;.}

Restart nginx,ok!

@IM website record (i) = "Free HTTPS certificate"