SSL Certificate

[Mark Doliner]

On Mon, Dec 8, 2008 at 6:12 PM, Mark Doliner <mark at kingant.net> wrote:
> On Mon, Dec 8, 2008 at 6:00 PM, Stu Tomlinson <stu at nosnilmot.com> wrote:
>> On Mon, 2008-12-08 at 14:45 -0800, Mark Doliner wrote:
>>> Alright, I bought a 5 year certificate from Steadfast/Comodo at the
>>> discounted rate of $14.95 per year (because they like us :-) ).  It's
>>> now installed on developer.pidgin.im, and is only used for
>>> https://developer.pidgin.im/login.  Let me know if you notice any
>>> problems.
>>
>> Is there an intermediate CA certificate that needs to be configured on
>> the webserver to complete the chain so FF3 can trust this? Or is this
>> just a poor choice of CA?
>
> My Firefox 3 doesn't complain about the certificate, but feel free to
> fiddle with it.  Everything I was emailed can be found on imperial at
> /etc/ssl/private/all_sslcertificate_stuff_from_steadfast_comodo/
>
> And the two files lighttpd is using are
> /etc/ssl/private/developer.pidgin.im.certkey.pem and
> /etc/ssl/certs/developer_pidgin_im.crt

This is fixed now, thanks to some help from rekkanoryo.
/etc/ssl/certs/developer_pidgin_im.crt contains the three intermediate
certs and /etc/ssl/private/developer.pidgin.im.certkey.pem contains
our cert and our key.

-Mark