Thawte recently started issuing a new kind of SSL cert. Instead of just taking your crt and key files and dumping them on your server, you need to install Thawte’s intermediate certificates as well.
here solution:
- Download your client certificate from thawte (.crt file thawte sent)
- Download the primary and secondary intermediate CAs
- Combine the 3 certificates into one file, with your certificate first, then the primary and secondary intermediate certificates.
- Add: ssl_verify_depth 3; to your configuration file
- Restart nginx (/etc/init.d/nginx restart)
So in the end, your nginx configuration file should look like the following:
ssl_certificate /path/to/certificate.bundle.cert;
ssl_certificate_key /path/to/private.key;
ssl_verify_depth 3;
Now your browser should say that the certificate was issues by Thawte DV SSL CA.
Test it by visiting https://www.ssllabs.com/ssldb/