Changes between Version 5 and Version 6 of Ticket #814, comment 12
- Timestamp:
- 07/03/16 21:53:52 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #814, comment 12
v5 v6 1 And some additional info. As you can see both ECDSA and RSA based ciphers are offered, which is only the case if LibreSSL has access to key pairs of both types. The Nginx's docs do not explain the correct way to include the intermediate certificate if both RSA and ECDSA is in use. If I append the intermediate certificate only to the ECDSA certificate, referenced in above Nginx config, ssllabs doesn't throw the error. But, I don't know whether this is the correct way. The docs should also cover the scenario where the ECDSA and RSA are issued by different CAs with differing intermediate certificates.1 And some additional info. As you can see both ECDSA and RSA based ciphers are offered, which is only the case if LibreSSL has access to key pairs of both types. The Nginx's docs do not explain the correct way to include the intermediate certificate if both RSA and ECDSA is in use. If I append the intermediate certificate only to the ECDSA certificate, referenced in above Nginx config, ssllabs doesn't throw the error. But, I don't know whether this is the correct way. The docs should also cover the scenario where the ECDSA and RSA certificates are issued by different CAs with differing intermediate certificates. 2 2 3 3
