Apache chain issues with dual RSA/ECDSA certificates

logopk · June 16, 2021, 11:23am

Hi there,

Thanks for getting me on the list. I got my first certs .

Now I have the following problem:

so far I have used RSA and ECC certificates in parallel on my Apache installation
Just added both certs in the VHost. That works fine with the same chain.
(BTW that works also on nginx or tomcat).

Now with two different chains, that messes this setup completely. Only one works at a time. The other's is incomplete.

What would be the recommended solution for this case?

Any help appreciated.

Peter

tialaramex · June 16, 2021, 11:30am

This should probably be carved off into its own thread. However, meanwhile it sounds from your description as if you've used the SSLCertificateChainFile feature. That feature is long obsolete, unless you have a truly ancient Apache setup you should use just SSLCertificateFile but with files containing the entire fullchain (not just your leaf certificate)

logopk · June 16, 2021, 11:44am

Uiiiii. Thanks that would be obvious... I'll check.

logopk · June 17, 2021, 7:31am

Thanks @tialaramex that did it.

system · July 17, 2021, 7:33am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Chain issue on new certificate from letsencrypt Help	3	493	August 21, 2021
Will LetsEncrypt work well on apache with existing certificate? Help	2	1242	March 8, 2017
Certificate chain incomplete Server	5	6559	March 22, 2019
Help with Certificate Chain Not Complete Help	31	3440	September 5, 2021
Server w/multiple domains - Wrong Cert Server	38	6989	November 4, 2017

Apache chain issues with dual RSA/ECDSA certificates

Related topics