ssl_trusted_certificate should point to chain.pem if we're demonstrating LetsEncrypt: https://community.letsencrypt.org/t/howto-ocsp-stapling-for-nginx/13611/5

пре 5 година · 10a9682596
--- a/installation/pleroma.nginx
+++ b/installation/pleroma.nginx
@@ -31,7 +31,7 @@ server {
    listen 443 ssl http2;
    ssl_session_timeout 5m;

    ssl_trusted_certificate   /etc/letsencrypt/live/example.tld/fullchain.pem;
    ssl_trusted_certificate   /etc/letsencrypt/live/example.tld/chain.pem;
    ssl_certificate           /etc/letsencrypt/live/example.tld/fullchain.pem;
    ssl_certificate_key       /etc/letsencrypt/live/example.tld/privkey.pem;