RapidSSL cert installation on nginx server

I recently installed a RapidSSL cert and got a “not trusted” message on Android (desktop browsers were both OK).

Now… this is how to install a RapidSSL cert properly.

Step 1: go and check your installation here https://cryptoreport.rapidssl.com/checker/views/certCheck.jsp – if you’ve got nothing working yet – just download the RapidSSL SHA256 CA cert from here:

https://cryptoreport.rapidssl.com/chainTester/webservice/validatecerts/certificate?certKey=issuer.intermediate.cert.84&fileName=RapidSSL%20SHA256%20CA&fileExtension=txt

Or choose the one you like the most (only kidding – the one that you actually need: SHA256) from -> https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1549

Save this cert as intermediate.crt

Step 2:

Save the cert you received via email as SSL.crt

Step 3:

  1. You need to combine the SSL.crt file and the intermediate.crt into a single concatenated file
  2. To get a single concatenated file out of the intermediate CA and the SSL certificate, run the following command:

     cat intermediate.crt >> SSL.crt
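An added example, not part of the original post: a shell version of Step 3 that writes the combined file under a new name and checks its structure, covering the case where SSL.crt was saved without a trailing newline. The function names and SSL.chained.crt are assumptions; if you use it, ssl_certificate has to point at that file.

```shell
#!/bin/sh
# Added example (not from the original post). File names follow the post;
# build_chain, check_chain and SSL.chained.crt are hypothetical names.

# Write the server certificate first, then the intermediate, into a NEW file.
# Re-running it never appends the intermediate twice, and it strips CRs and
# guarantees a newline between the two PEM blocks.
build_chain() {   # usage: build_chain SSL.crt intermediate.crt out.crt
    for f in "$1" "$2"; do
        tr -d '\r' < "$f"
        # $(tail -c 1) expands to empty only when the last byte is a newline
        [ -z "$(tail -c 1 "$f")" ] || echo
    done > "$3"
}

# Succeed only if FILE holds exactly N PEM certificate blocks whose
# BEGIN/END markers each sit alone on their own line.
check_chain() {   # usage: check_chain file N
    begins=$(grep -c '^-----BEGIN CERTIFICATE-----$' "$1" || true)
    ends=$(grep -c '^-----END CERTIFICATE-----$' "$1" || true)
    # Count every marker, including ones fused onto one line as in
    # "-----END CERTIFICATE----------BEGIN CERTIFICATE-----".
    markers=$(grep -o -e '-----BEGIN CERTIFICATE-----' \
                      -e '-----END CERTIFICATE-----' "$1" | grep -c . || true)
    [ "$begins" -eq "$2" ] && [ "$ends" -eq "$2" ] &&
        [ "$markers" -eq $(( $2 * 2 )) ]
}

# Demo on constructed placeholder files (not real certificates).
demo() {
    d=$(mktemp -d) || return 1
    # Server cert saved WITHOUT a trailing newline, as some editors leave it.
    printf '%s\n%s\n%s' '-----BEGIN CERTIFICATE-----' 'AAAA' \
        '-----END CERTIFICATE-----' > "$d/SSL.crt"
    printf '%s\n%s\n%s\n' '-----BEGIN CERTIFICATE-----' 'BBBB' \
        '-----END CERTIFICATE-----' > "$d/intermediate.crt"
    build_chain "$d/SSL.crt" "$d/intermediate.crt" "$d/SSL.chained.crt"
    check_chain "$d/SSL.chained.crt" 2 && echo "chained file OK"
    # The plain append from Step 3 fuses the markers for this input.
    cat "$d/intermediate.crt" >> "$d/SSL.crt"
    check_chain "$d/SSL.crt" 2 || echo "plain append: fused PEM boundary"
    rm -rf "$d"
}
demo
```

With real certificates, `openssl verify -untrusted intermediate.crt SSL.crt` additionally checks that the server certificate chains through the intermediate to a root in the local trust store, and `nginx -t` checks the configuration before the restart.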

Step 4:

This is a part of my nginx config file:

server {
    listen 80 default_server;
    listen 443 ssl;
    server_name default;
    root /home/forge/default/public;

    # FORGE SSL (DO NOT REMOVE!)
    # ssl_certificate;
    # ssl_certificate_key;

    ssl_certificate     /etc/nginx/ssl/SSL.crt;
    ssl_certificate_key /etc/nginx/ssl/www.domainname.com.key;
}

ssl_certificate should be your concatenated file created in Step 3.
ssl_certificate_key should be the key file generated when you created the CSR.

Step 5: restart your server. Enjoy!

 

PS: I’ve seen some comments about using a slightly different format, but haven’t tested that myself:


SSLCertificateFile      /etc/httpd/ssl/domain.crt
SSLCertificateKeyFile   /etc/httpd/ssl/domain.key
SSLCertificateChainFile /etc/httpd/ssl/intermediate.crt

Posted on April 29, 2016 at 11:53 by arte