www.startcomca.com received a certificate here. I have nginx. Here is my config

server { listen 443 ssl; server_name ***; ssl_certificate /etc/ssl/nginx/***/123.crt; ssl_certificate_key /etc/ssl/nginx/***/123.key; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH !RC4"; ssl_prefer_server_ciphers on; gzip on; gzip_comp_level 4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; location ~ /\. { deny all; access_log off; log_not_found off; } index index.php index.html index.htm; location / { root /usr/html/***; } }

where 123.key is the key that I received as a result of startcomtool utility and 123.crt, what I downloaded from the site in the archive in the nginxServer folder. What did I do wrong?

  • one
    And what is wrong? You would describe the problem. So far, I can assume that Chrome considers the certificate invalid. Discard this start com: m.habrahabr.ru/post/325300 and use let's encrypt - KAGG Design
  • one
    First, why did you decide that you did something wrong? Secondly, using startcomtool was definitely the wrong decision, there is the above let's encrypt - andreymal
  • First, where is the evidence that is wrong. nginx -t to the studio, he will swear to you alive on the sert, if something goes wrong. Secondly, why do you need to use startcomtool (long since the tears when their three-year certs became invalid), when there is twice the above mentioned letsencrypt? - AK
  • Well, really, what's the problem with constantly revoking certificates when there is LE (put in one click, no SMS, and the nginx config will set up for you). - Vladimir Gamalyan

0