InstantSSL's certificate no different than a self signed certificate under Nginx with an IP accessed address

Posted by Absolute0 on Server Fault See other posts from Server Fault or by Absolute0
Published on 2012-07-06T21:09:55Z Indexed on 2012/07/06 21:18 UTC
Read the original article Hit count: 328

Filed under:
|
|
|

I ordered an ssl certificate from InstantSSL and got the following pair of files:

my_ip.ca-bundle, my_ip.crt

I also previously generated my own key and crt files using openssl.

I concatenated all the crt files:

cat my_previously_generted.crt my_ip.ca_bundle my_ip.crt > chained.crt

And configured nginx as follows:

server { 
    ...

    listen 443;
    ssl on;
    ssl_certificate /home/dmsf/csr/chained.crt;
    ssl_certificate_key /home/dmsf/csr/csr.nopass.key;

    ...
 }

I don't have a domain name as per the clients request. When I open the browser with https://my_ip

chrome gives me this error:

The site's security certificate is not trusted!
You attempted to reach my_ip, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.
You should not proceed, especially if you have never seen this warning before for this site.

© Server Fault or respective owner

Related posts about nginx

Related posts about ssl