loginctl: Failed to look up user $USER: No such process
Kim Klotz
3 years
HowTo: Rebalance Elasticsearch Shards
Andreas Vöst
3 years
Installing throttled to fix Lenovo laptops with nvidia graphics running Ubuntu losing performance after a while
Emma Heinle
3 years
ThinkPad BIOS simulator
Emma Heinle
3 years
Prevent systemd from dropping IP-Addresses configured from other processes
Moritz Kraus
4 years
Listing sizes in AWS S3 Buckets
Claus-Theodor Riegg
4 years
Fix timedrifts after VM live migration
Claus-Theodor Riegg
4 years
HowTo: Clone a MariaDB database with mariabackup, mbstream and netcat
Claus-Theodor Riegg
4 years
XCA: Easy SSL certificate management
Andreas Vöst
4 years
send a testmail via exim
Claus-Theodor Riegg
9 years
nginx: if is evil
Claus-Theodor Riegg
9 years
HowTo: enable termination protection for all EC2 instances not in autoscaling groups via aws cli
Claus-Theodor Riegg
5 years
HowTo: enable DeletionProtection for all RDS instances via aws cli and jq
Claus-Theodor Riegg
5 years
Build and install exim4-daemon-custom on Ubuntu 16.04
Kim Klotz
5 years
HowTo: Downgrade a Port on FreeBSD
Marius Schuller
5 years
HowTo: Use Journalctl to View and Manipulate Systemd Logs
Claus-Theodor Riegg
5 years
Debug Puppet "Error: Failed to apply catalog: undefined method [...] for nil:NilClass"
Kim Klotz
5 years
GitLab: Rails Console Tasks
Marius Schuller
6 years
HowTo: let puppet agent run from different branch
Marius Schuller
6 years
start a systemd service blocked by rate limiting
Claus-Theodor Riegg
6 years
Correct sequence of ssl cert and intermediate certificates
Emma Heinle
6 years
convert PostgreSQL custom dump format to textdump
Claus-Theodor Riegg
6 years
System Administration Screencasts
Henning Koch
10 years
Elasticsearch unassigned replica shards on single node instances
Claus-Theodor Riegg
7 years

Correct sequence of ssl cert and intermediate certificates

Posted . Visible to the public.

In case you're wondering, when concat-ing server certificate and intermediate certificates, the server certificate comes first.

RFC 4346:

certificate_list
This is a sequence (chain) of X.509v3 certificates. The sender's
certificate must come first in the list. Each following
certificate must directly certify the one preceding it.

tools.ietf.org
Emma Heinle
Say thanks1
Last edit
Emma Heinle
License
Source code in this card is licensed under the MIT License.
Privacy policy Terms of service Imprint
This website uses short-lived cookies to improve usability.
or learn more