Suggestion for LetsEncrypt Certificate Documentation.
I have a suggestion for the Letsencrypt Documentation Page. (http://docs.tigase.org/tigase-server/snapshot/Administration_Guide/webhelp/LetsEncryptCertificate.html)
The Documentation suggests combining following Files: privkey.pem, isrgrootx1.pem and letsencryptauthorityx3.pem. This did not work for me, The resulting cert always gave me an TLS handshake error.
It took me quite a while to figure out, that I also have to include my own letsencrypt cert.pem file (which totally makes sense!).
I created my tigase cert file by combining following files in the named order: cert.pem, privkey.pem, letsencryptauthorityx3.pem, isrgrootx1.pem
(cat ./cert.pem ./privkey.pem ./letsencryptauthorityx3.pem ./isrgrootx1.pem > my.domain.com.pem)
Some clients (psi) think that the resulting cert is self signed because this method does not use the IdentTrust cross-signed root certificate.
I think this Information is also important for certs from other issuers.
Hope this helps...
All the best Ronald.