> Also on mobile chrome, I get a > warning that the certificate is not trusted now. We did not have these > issues using ATS 2.0.7. I suspect it has to do with the GoDaddy certificates > using an intermediate CA. I had configured > proxy.config.ssl.server.cert_chain.filename in records.config with the > godaddy certificate chain. I cannot find an equivalent setting in the > ssl_multicert.config.
I use ssl_ca_name to point to the certificate chain in ssl_multicert.config. That works for me: dest_ip=109.247.114.204 ssl_cert_name=/etc/pki/tls/certs/star.example.com.crt ssl_key_name=/etc/pki/tls/private/star.example.com.key ssl_ca_name=/etc/pki/tls/certs/star.example.com.ca-bundle But also, you might be hitting the SNI requirement if you're using v3.2.0, so you should try 3.2.3. https://issues.apache.org/jira/browse/TS-1392 -jf
