Wrong order in the Fullchain (For Nginx) #7

Closed
opened 2025-12-29 00:21:43 +01:00 by adam · 0 comments

Originally created by @musab1 on GitHub (Dec 8, 2015).

Hi

When creating the fullchain.pem the order is wrong.

You are creating ChainCert -> Domain Cert instead of the other way around.
Nginx is failing with:
failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
as the privkey.pem doesn't match the first found certificate.

As I have no idea about Pull Requests, here is the diff which fixes this:

diff letsencrypt.sh letsencrypt.sh.orig 
211d210
<     cat "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
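Review bot: the argument order in `diff letsencrypt.sh letsencrypt.sh.orig` puts the modified file first, so the `<` line at 211 is the proposed code and every `>` line below is the original, the reverse of the usual old-then-new order. Regenerating it as `diff -u letsencrypt.sh.orig letsencrypt.sh` would let it apply without reversing and would carry context lines. The change at 211 itself, writing cert-${timestamp}.pem with `>` first, is what makes the domain certificate the first entry in the file.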
213c212
<       cat "${BASEDIR}/certs/${ROOTCERT}" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"

---
>       cat "${BASEDIR}/certs/${ROOTCERT}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
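Review bot: at 213 the chain file is now appended with `>>` straight after the domain certificate, so a cert-${timestamp}.pem that does not end in a newline would leave its END CERTIFICATE marker and the chain's BEGIN CERTIFICATE marker on one line, which PEM parsers reject. Either make sure the step that writes the domain certificate always ends it with a newline, or emit one between the two cat calls. The same applies to the SCRIPTDIR variant at 215.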
215c214
<       cat "${SCRIPTDIR}/certs/${ROOTCERT}" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"

---
>       cat "${SCRIPTDIR}/certs/${ROOTCERT}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
216a216
>     cat "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
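Review bot: nothing in the reordered sequence confirms the result; after the last append the script could compare the public key of the first certificate in fullchain-${timestamp}.pem with the private key and stop if they differ, so an ordering mistake is caught before nginx reports it. The target path is also spelled out in full on every one of these cat lines; holding it in a local variable would make the write order easier to read.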

Thank you, great client by the way.

adam closed this issue 2025-12-29 00:21:43 +01:00
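
The ordering problem reported above can be checked before nginx is reloaded. The following is an added example, not code from letsencrypt.sh or its author: it builds a fullchain leaf-first and verifies that the first certificate is the domain certificate and matches the private key. The function names and file arguments are hypothetical, and the key check assumes the `openssl` command is installed.

```shell
#!/bin/sh
# Added example (not part of letsencrypt.sh). Function names and the file
# arguments are hypothetical; only standard awk/tail/openssl calls are used.

# Print the first PEM certificate block found in a file.
first_cert() {
  awk '/-----BEGIN CERTIFICATE-----/ {p=1}
       p {print}
       /-----END CERTIFICATE-----/ {if (p) exit}' "$1"
}

# build_fullchain LEAF CHAIN OUT
# Writes the domain (leaf) certificate first, then the chain certificate.
# A newline is added after any input that lacks one, so the END and BEGIN
# markers of adjacent certificates never end up on the same line.
build_fullchain() {
  : > "$3"
  for f in "$1" "$2"; do
    cat "$f" >> "$3"
    [ -z "$(tail -c 1 "$f")" ] || echo >> "$3"
  done
}

# leaf_is_first LEAF FULLCHAIN
# Succeeds only if the first certificate in FULLCHAIN is the leaf itself.
leaf_is_first() {
  [ -n "$(first_cert "$1")" ] && [ "$(first_cert "$1")" = "$(first_cert "$2")" ]
}

# first_cert_matches_key FULLCHAIN KEY
# openssl x509 reads only the first certificate in the file, so this compares
# the same certificate/key pair that the "key values mismatch" error concerns.
first_cert_matches_key() {
  cert_pub=$(openssl x509 -in "$1" -pubkey -noout 2>/dev/null) || return 1
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}
```

Running `leaf_is_first` and `first_cert_matches_key` on the freshly written fullchain, and refusing to install it when either fails, turns the nginx start-up error into a failure at issuance time.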
Reference: starred/dehydrated#7