[Spce-user] Configuring SSL certificates

Wed Mar 7 18:58:42 EST 2012

Thanks, I considered the option to modify the Apache config directly, but wanted to be sure first given that you rewrite some config files.
We usually specify these in the virtual site configs, which seem to be rewritten.
Will follow the method below
Thanks, Kevin

-----Original Message-----
From: Andrew Pogrebennyk [mailto:apogrebennyk at sipwise.com] 
Sent: Wednesday, March 07, 2012 8:25 PM
To: Kevin Blackman
Cc: spce-user at lists.sipwise.com
Subject: Re: [Spce-user] Configuring SSL certificates

On 03/07/2012 07:49 PM, Kevin Blackman wrote:
> OK - this has been resolved, seems it was an issue of white space at the end of the lines in the CRT and crt files.
> The query concerning intermediate CA file config via config.yml remains open...

Please check

AFAIR if you the following trust heirarchy:

trusted root
  - inter 1
       - inter 2
             - server.example.com.crt

You may construct the crt file in this exact order:

cat server.example.com.crt > chain-server.example.com.crt cat inter2.crt >> chain-server.example.com.crt cat inter1.crt >> chain-server.example.com.crt

And then specify resulting file in SSLCertificateChainFile.

The apache configuration is not under templates (yet) so you can edit your httpd.conf directly.

More information about the Spce-user mailing list