Tip: how to avoid SSL problems with Google Chrome and MacOS Sierra
There's been a significant change in the latest OS X update involving the way Google Chrome (53) now handles SSL certificates: now an intermediate certificate file is required.
This problem doesn't affect Chrome Canary.
*The fix*
cat primary_cert.crt intermediate_cert.crt >> bundle.crt
*Apache*
<VirtualHost *:443>
ServerName site.com
ServerAlias www.site.com
DocumentRoot /home/site/www
SSLEngine on
SSLCertificateFile /home/site/server.crt
SSLCertificateKeyFile /home/site/server.key
SSLCertificateChainFile /home/site/bundle.crt
</VirtualHost>
*nginx*
server {
server_name site.com www.site.com;
listen 443 default_server ssl;
root /home/site/www;
index index.html index.php;
ssl_certificate /home/site/bundle.crt;
ssl_certificate_key /home/site/server.key;
ssl on;
}
*Node.js*
'use strict';
var https = require('https');
var express = require('express');
var app = express();
var sslOptions = {
key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.crt'),
ca: fs.readFileSync('bundle.crt')
};
https.createServer(sslOptions, app).listen(3000);
Hope this helps.
Log In to Comment