Differences

This shows you the differences between two versions of the page.

--- en:certificates [2017/12/04 15:49] – Silke Meyer
+++ en:certificates [2017/12/04 15:51] – [The SSL certificate chain on your webserver] Silke Meyer
@@ Line 55: / Line 55: @@
 ded7378
 </code>
-  * Check the hash of the first intermediate certificate. it should match the server certificate's issuer hash.
+  * Check the hash of the first intermediate certificate. It should match the server certificate's issuer hash.
 <code>
 $ openssl x509 -in intermediate1.pem -noout -hash
@@ Line 67: / Line 67: @@
 If there is another intermediate certificate, compare the above issuer hash with its hash and so on. Like this, you crawl up to the root certificate step by step.
-If you use the Apache webserver, point the SSLCACertificateFile directive to your chain file. (See the example configuration on [[de:shibidp3prepare-http#konfiguration|IdP Preparations: HTTPServer]] resp. [[de:shibsp#konfigurationsbeispiel|Shibboleth SP configuration example]].
+If you use the Apache webserver, point the SSLCACertificateFile directive to your chain file. (See the example configuration on [[de:shibidp3prepare-http#konfiguration|IdP Preparations: HTTPServer]] resp. [[de:shibsp#konfigurationsbeispiel|Shibboleth SP configuration example]]).
 Once you have added you certificate chain, adapted your configuration and activated it you can verify it with OpenSSL:
@@ Line 73: / Line 73: @@
 $ openssl s_client -connect idp.domain.tld:443
 </code>
-Below you can the answer of dfn.de's webserver as an example. As an alternative you can use external services, e.g. the  [[https://www.ssllabs.com/ssltest/|SSLLabs]] website.
+Below you can see the answer of dfn.de's webserver as an example. As an alternative you can use external services, e.g. the [[https://www.ssllabs.com/ssltest/|SSLLabs]] website.
 **Next step:** [[en:functionaltest|Functional Tests]]