AnsweredAssumed Answered

Nginx 1.11.5: Multiple Certificate Chains

Question asked by Christian Felsing on Oct 2, 2016
Latest reply on Oct 3, 2016 by Rob Moss

I am using nginx/1.11.5 with two certificate chains, one for RSA (Let's Encrypt) and the second one for ECDSA (Comodo). SSLlabs server check detects RSA chain only, ECDSA path is not detected. Same behavior on openssl s_client if no cipher is set on command line. If ECDSA cipher is specified e.g.

echo | openssl s_client -tls1_2 -servername www3.ip6.li -showcerts -connect www3.ip6.li:443 -cipher ECDHE-ECDSA-AES256-SHA384

openssl selects Comodo certificate and test passes also.

 

Is that an uniqueness of Nginx, or a bug of Nginx/SSLlabs?

Outcomes