我正在使用RapidSSL和apache2(2.2.22-13 + deb7u6)。我从Rapidssl获得了三个文件-public.crt,private.key和Rapid_intermediate.crt。
我的public.crt看起来像
-----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIDBthaMA0GCSqSAwHgYDVQQDExdSYXBpZFNTTCBTSEEy
NTYgQ0EgLSBHMzAeFw0xNTA5MTAwMDU0NTJaFw0xNjA5MTExNTM1NTNaMIGTMRMw
EQYDVQQLEwpHVDM5ODg2NjMwMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNv
bS9yZXNvdXJjZXMvY3BzIChjKTE1MS8wLQYDVQQLEyZLm1lbG9tYXAuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDo9jDb+k/dHqp7FW7dW
V9+W6a1Ut3OKC3wCulac+WG2roxZukuA42LQ4fAY/BDtBkk2UQ5IyFpFzmCiXjBu
...
-----END CERTIFICATE-----
我的private.key看起来像
-----BEGIN RSA PRIVATE KEY-----
MdddddIBAAKCAQEAvDo9jDb+k/dHqp7FW7dddddddddPvuSy2aEJcHbt2kb6UI
ddddddd7dWVQ84DlVPvuSy2aEJcHbt2kb6UIdddddddddAKCAQEAvDMIIEowIB
...
-----END RSA PRIVATE KEY-----
我的RapidSSL中间体看起来像
-----BEGIN CERTIFICATE-----
MIIEZZZZZZZgAwIBAgIDAjp3MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYSSSSSSS1HZW9UcnVzdCBJbmMuMRswGQYDVQQSSSSSZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTQwODI5MjEzOTMyWhcNMjIwNTIwMjEzOTMyWjBHMQswCQYDVQQG
EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXUmFwaWRTU0wg
...
-----END CERTIFICATE-----
在我的Apache配置中
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/crt/public.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/private.key
SSLCertificateChainFile /etc/apache2/ssl/crt/rapid_intermediate.crt
但是,我仍然遇到以下错误。
unable to get local issuer certificate
certificate not trusted
unable to verify the first certificate
请让我知道我做错了。
谢谢。
最佳答案
检查链顺序,有时链未排序或链中需要其他证书,如果服务器是公共服务器,则可以使用sslchecker.com进行检查
关于apache - Debian上的Apache SSL“无法获取本地发行者证书”,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/34343691/