Skip to main content


Showing posts from October, 2014

Nginx and Extended Validation SSL Certificates

Quick tip on setting up Nginx with Extended Validation (EV) SSL certificates since this took a bit of trial and error for me this morning and I found a lot of conflicting and in some cases incorrect information while searching around.

If after configuring Nginx with your SSL certificate you're getting an untrusted certificate error, or a 400 error saying the certificate wasn't sent, you're likely missing the intermediate certificate bundle that's required on EV certificates, which if you use Verisign certs is located here:

According to the Nginx documentation (pro tip: start with the docs, not with what you pull up on StackOverflow), you need to concatenate your host-specific SSL certificate and the intermediate certificate bundle into a single file, with the host-specific SSL certificate first in the file. So you'll end up with a single file (foo.crt)…