i have combinated my certificate with valicert from here:
link
Set it in nginx and reload it.
It works like a charm in webbrowser but still not working in visual studio - maybe because i dont gave anything mentioned in Nginx conf file regardinf lsp port 5007?
[19:29:27] root@openhab:/etc/ssl# openssl s_client -connect openhab:443
CONNECTED(00000005)
depth=0 C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
**verify error:num=20:unable to get local issuer certificate**
verify return:1
depth=0 C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
**verify error:num=21:unable to verify the first certificate**
verify return:1
---
Certificate chain
0 s:C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
i:C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
1 s:C = PL, O = home.pl S.A., CN = Certyfikat SSL
i:C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Global Services CA SHA2
2 s:C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Global Services CA SHA2
i:C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Trusted Network CA
3 s:C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Trusted Network CA
i:C = PL, O = Unizeto Sp. z o.o., CN = Certum CA
4 s:C = PL, O = Unizeto Sp. z o.o., CN = Certum CA
i:C = PL, O = Unizeto Sp. z o.o., CN = Certum CA
---
Server certificate
-----BEGIN CERTIFICATE-----
.
. certificate code here not important for topic
.
.
.
-----END CERTIFICATE-----
subject=C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
issuer=C = PL, ST = Lower Silesia, L = Wroclaw, O = openhab, OU = openhab, CN = openhab
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5944 bytes and written 402 bytes
**Verification error: unable to verify the first certificate**
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: xxxxx
Session-ID-ctx:
Master-Key: xxxxx
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
.
. tls code here not important for topic
.
.
Start Time: 1578249142
Timeout : 7200 (sec)
**Verify return code: 21 (unable to verify the first certificate)**
Extended master secret: yes