SSLCertificateChainFile
This directive sets the certification chain returned by Apache during SSL connection. Elle permet de configurer spécifiquement cette chaîne et elle est à privilégier sur SSLCACertificateFile.This directive has to point at a file. This file must contain the entire certification chain except for the server certificate: the intermediate certificate then the root one.
It can result in:
-----BEGIN CERTIFICATE----- xxxxxxxxxx the intermediate certificate (that signed yours) xxxxxxxxx -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- xxxxxxxxxx the root certificate (that signed the certificate above) xxxxxxxxx -----END CERTIFICATE-----There can be several intermediate certificates before the root. Your server certificate (final entity) does not appear in the certification chain. It is loaded by SSLCertificateFile
In the Apache configuration file you can use this directive in a VirtualHost with:
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/machaine.crt
This directive is compatible with:
- mod_ssl 2.3.6 and higher, see the official documentation
- apache 2.x and higher, see the official documentation
This directive is essential to use certification chains that update automatically IE7 under Windows XP.
Last edited on 08/13/2014 13:31:07 --- [search]