@IM website record (i) = "Free HTTPS certificate"

Source: Internet
Author: User
Tags openssl rsa nginx server startssl

@IM is a timely communication system developed for the purpose of facilitating the impression search network. Now I'm going to open up a column to write about the dots I've been experiencing in developing this site. This is the first article: Free HTTPS certificate.

Free HTTPS certificate Online search, basically positioning start SSL This HTTPS certificate service provider, mainly according to the following blog to apply for a certificate:

http://www.freehao123.com/startssl-ssl/

According to the blog guidelines, to apply for a certificate, mainly including two files:

im.impress-ssl.keyim.impress-ssl.crt

The application of the Im.impress-ssl.key is to include the password information in the inside, can not be used directly, in the use of Nginx authentication, it is necessary to enter the password, the start nginx because the password can not be started, will lead to failure, so need to remove the password information:

OpenSSL RSA- in Im.impress-ssl.key-out unpass-im.impress-ssl.key

This is basically possible, but, Start SSL will be in Firefox, Opera, IE will report the certificate does not recognize the error, only chrome can recognize, according to the following article, Http://www.gaojinbo.com/nginx-https-%E5 %85%8d%e8%b4%b9ssl%e8%af%81%e4%b9%a6%e9%85%8d%e7%bd%ae%e6%8c%87%e5%8d%97.html

==============2009/11/26 update===================

In STARTSSL forum See official said firefox3.5 not support is because not configured. After the configuration resolved Firefox 3.5 does not trust the issue of the certificate, Ubuntu Studio under test passed.

The step is: Get Https://www.startssl.com/certs/ca.pem

Get Https://www.startssl.com/certs/sub.class1.server.ca.pem

Cat Ca.pem Sub.class1.server.ca.pem >> CA-CERTS.CRT

Cat Ca-certs.crt >> Security.cer

All actions performed:

wget https://www.startssl.com/certs/ca.pemwget https://  Www.startssl.com/certs/sub.class1.server.ca.pemcat ca.pem sub.class1.server.ca.pem >> ca-  certs.crt# is the information to add the Start SSL service cat ca-certs.crt >> IM.IMPRESS-SSL.CRT

Add SSL to Nginx server:

   Server {        listen       443  SSL;        server_name  IM.IMPRESS.PW;                                                                                                                          Root    im_root;        Index   index.htm;        Ssl_certificate      SSL/im.impress-ssl.crt;        Ssl_certificate_key  SSL/unpass-im.impress-Ssl.key;        Ssl_session_cache    shared:ssl:1m;        Ssl_session_timeout  5m;         Ssl_ciphers High  :!anull:! MD5;        Ssl_prefer_server_ciphers on  ;.}

Restart nginx,ok!

@IM website record (i) = "Free HTTPS certificate"

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.