NGINX 的 ssl_trusted_certificate 应该写 ca 证书还是 fullchain 证书，为何 ssl_certificate 用的又是 fullchain 证书

ssl_certificate : fullchain cert
ssl_trusted_certificate : ca cert

@Humorce 能不能解释下原理，文档写的含糊不清，Thanks

@seers #2
要从这往下看
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling

@seers #2
具体如下：

Syntax: ssl_trusted_certificate file;
Default: —
Context: http, server
This directive appeared in version 1.3.7.

Specifies a file with trusted CA certificates in the PEM format used to verify client certificates and OCSP responses if ssl_stapling is enabled.

trusted certificate 本来就是可信 ca 证书。这个证书必须是客户证书的上级，既然是上级，当然是 ca。fullchain 并没有什么用，因为 ca 的 ca 又不关认证。