HTTPS using VeriSign Certificate, Privatekey and Certificate Authority files.

[Mark Cracknell]

I've built a node.js chat/messaging etc server that I need to secure using SSL. 

I have tested with a self signed certificate which works fine, so long as the user manually accepts that certificate in their browser (as expected). However, I have now purchased a basic VeriSign certificate, which requires the use of two CA certificate files in addition to the private key and certificate files.

Now, I've been browsing the HTTPS docs and they detail how to use a standart key-cert configuration, however, there is no mention of the CA files.

One user on the IRC channel recommended this: https://gist.github.com/972135

Which I have modified to use both CA certificates like this:

https://gist.github.com/c948959790341346a05b

Now the server boots fine. It's just that in Chrome it errors: 'This certificate was signed by an unknown authority'

Firefox errors more severely and denies access to the page:

"

    xxxx.example.com uses an invalid security certificate.

    The certificate is not trusted because no issuer chain was provided.

    (Error code: sec_error_unknown_issuer)

"

So finally, the question arises: How do I fix this problem? I believe it is because the CA files are not being used by the HTTPS package in node, however, I'm not sure.

I've poured through the documentation, however, I cannot find a solution.

Help is very much appreciated

Mark Cracknell

[phidelta]

What you do is simPly concat the two CA files and your certificate.

#> cat ca1.pem > res.pem
#> cat ca2.pem >> res.pem
#> cat cert.pem >> res.pem

Then use res.pem as your certificate.

Regards, Phil