server-configs-nginx/h5bp/ssl/certificate_files.conf

33 lines
1.3 KiB
Nginx Configuration File
Raw Normal View History

2018-11-25 19:13:33 +01:00
# ----------------------------------------------------------------------
# | Certificate files |
# ----------------------------------------------------------------------
# This default SSL certificate will be served whenever the client lacks
# support for SNI (Server Name Indication).
# Make it a symlink to the most important certificate you have, so that
# users of IE 8 and below on WinXP can see your main site without SSL errors.
#
# (1) Certificate and key files location
# The certificate file can contain intermediate certificate.
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate
#
# (2) Intermediate certificate location if loaded certificate (1) does not
2019-05-14 19:02:21 +02:00
# contain intermediate certificate when enabling OCSP stapling.
2018-11-25 19:13:33 +01:00
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate
#
# (3) CA certificate file location for client certificate authentication
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate
# (1)
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
2018-11-25 19:13:33 +01:00
# (2)
# ssl_trusted_certificate /path/to/ca.crt;
# (3)
# ssl_client_certificate /etc/nginx/default_ssl.crt;