今天在安裝 images.abic.com.tw 的憑證的時候
發現在 mobile 的 chrome 上都會發生錯誤…
檢查了一下發現是 SSL Certificate Chain 的問題, 因為我在 server 只上了自已 domain 的憑證
沒把 Intermediate certificate 加上去造成的
Creating a .pem with the Entire SSL Certificate Trust Chain
- Log into your DigiCert Management Console and download your Intermediate (DigiCertCA.crt), Root (TrustedRoot.crt), and Primary Certificates (your_domain_name.crt).
- Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:
- The Primary Certificate – your_domain_name.crt
- The Intermediate Certificate – DigiCertCA.crt
- The Root Certificate – TrustedRoot.crt
Make sure to include the beginning and end tags on each certificate. The result should look like this:
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate: your_domain_name.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate: DigiCertCA.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate: TrustedRoot.crt)
—–END CERTIFICATE—–Save the combined file as your_domain_name.pem. The .pem file is now ready to use.
上述紅色的部份就是我們完整的 SSL Certificate
檢查 ssl Certificate 的工具
https://cryptoreport.rapidssl.com/checker/views/certCheck.jsp
參考資料
https://www.digicert.com/ssl-support/pem-ssl-creation.htm
https://www.linode.com/docs/platform/nodebalancer/nodebalancer-ssl-configuration