Tip: how to avoid SSL problems with Google Chrome and MacOS Sierra

October 10, 2016 4.5k views
Server Optimization
Gabriele Romanato
By:
Gabriele Romanato

There’s been a significant change in the latest OS X update involving the way Google Chrome (53) now handles SSL certificates: now an intermediate certificate file is required.
This problem doesn’t affect Chrome Canary.

*The fix*

cat primary_cert.crt intermediate_cert.crt >> bundle.crt

*Apache*

<VirtualHost *:443>
ServerName site.com
ServerAlias www.site.com

DocumentRoot /home/site/www

SSLEngine on
SSLCertificateFile /home/site/server.crt
SSLCertificateKeyFile /home/site/server.key
SSLCertificateChainFile /home/site/bundle.crt
</VirtualHost>

*nginx*

server {
    server_name  site.com www.site.com;
    listen 443 default_server ssl;
    root /home/site/www;
    index index.html index.php;

    ssl_certificate /home/site/bundle.crt;
    ssl_certificate_key /home/site/server.key;
    ssl on;
}

*Node.js*

'use strict';

var https = require('https');
var express = require('express');
var app = express();

var sslOptions = {
    key: fs.readFileSync('server.key'),
    cert: fs.readFileSync('server.crt'),
    ca: fs.readFileSync('bundle.crt')
};

https.createServer(sslOptions, app).listen(3000);

Hope this helps.

Sign In to Comment
1 Answer
ryanpq MOD October 10, 2016

Thanks for sharing this!

Report
Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related