This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
help:technical:sslcerts [2015/11/24 20:13] rubin |
help:technical:sslcerts [2015/11/25 21:12] rubin |
||
---|---|---|---|
Line 13: | Line 13: | ||
| | ||
Then they must be combined into a .pem file: | Then they must be combined into a .pem file: | ||
- | |||
- | < | ||
| | ||
- | cat server.key startcom-sub.class2.server.ca.pem > ircd.pem | + | cat server.key |
+ | |||
+ | |||
+ | ====== Lessons Learned ====== | ||
+ | * gnutls defaults to accepting only 16 intermediary certs, and the startcom intermediary bundle has 18, so it breaks. We really only need the one class2 sub cert, so we switched to that. | ||
+ | * The ca cert is not needed and causes a warning (self signed certificate in chain) in some cases, so removed that. | ||
+ | |||