I have an SSL server in Express, which is not working on all browsers (unless the user manually trusts the website) since some browsers require the chain certificate (we have our own intermediate certificate). I've put our intermediate and chain certificate in one .crt file. The chain + intermediate certificate is in the INT_CERT_FILE
variable. It does not seem to work. I am using http://www.digicert.com/help, as well as running openssl s_client -connect tasker.adnxs.net:443 -showcerts | grep "^ "
to check, but it does not seem to be returning the intermediate + chain certificate.
Here's how I'm setting it up:
var fs = require("fs");
var https = require("https");
var express = require("express");
var KEY_FILE = fs.readFileSync("path/to/key/file.key");
var CERT_FILE = fs.readFileSync("path/to/crt/file.crt");
var INT_CERT_FILE = fs.readFileSync("path/to/intermediate and chain crt.crt");
var _app_https = express();
var _server_https = null;
_server_https = https.createServer({
key: KEY_FILE,
cert: CERT_FILE,
ca: INT_CERT_FILE
}, _app_https).listen(443);
When visiting it on Firefox, Firefox does not recognise its identity and requires it to be manually trusted. How can I fix this issue?
Thanks,
See Question&Answers more detail:os