Project

General

Profile

Suggestion for LetsEncrypt Certificate Documentation.

Ronald Chuck
Added about 2 years ago

Hi guys!

I have a suggestion for the Letsencrypt Documentation Page. (http://docs.tigase.org/tigase-server/snapshot/Administration_Guide/webhelp/LetsEncryptCertificate.html)

The Documentation suggests combining following Files: privkey.pem, isrgrootx1.pem and letsencryptauthorityx3.pem. This did not work for me, The resulting cert always gave me an TLS handshake error.

It took me quite a while to figure out, that I also have to include my own letsencrypt cert.pem file (which totally makes sense!).

I created my tigase cert file by combining following files in the named order: cert.pem, privkey.pem, letsencryptauthorityx3.pem, isrgrootx1.pem

(cat ./cert.pem ./privkey.pem ./letsencryptauthorityx3.pem ./isrgrootx1.pem > my.domain.com.pem)

Some clients (psi) think that the resulting cert is self signed because this method does not use the IdentTrust cross-signed root certificate.

I think this Information is also important for certs from other issuers.

Hope this helps...

All the best Ronald.


Replies (1)

Added by Daniel Wisnewski IoT 1 Cloud about 2 years ago

Hi Ronald, thanks for the heads up, I'll test this compared to documentation and update as necessary, thanks again!

    (1-1/1)