RapidSSL cert installation on nginx server

I recently installed RapidSSL cert and got “not trusted” message on Android (desktop browsers were both ok)

Now… this is how to install RadidSSL cert properly.

Step 1: got and check your installation here https://cryptoreport.rapidssl.com/checker/views/certCheck.jsp – if you’ve got nothing working yet – just download RapidSSL SHA256 CA cert from here:


Or choose the one you like the most (only kidding – the one that you actually need SHA256) from -> https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1549

Save this cert as intermediate.crt

Step 2:

Save your cert you received via email as SSL.crt

Step 3:

  1. You need to combine the SSL.crt file and the intermediate.crt into a single concatenated file
  2. To get a single concatenated file out of the Intermediate CA and the SSL Certificate run the following command:cat intermediate.crt >> SSL.crt

Step 4:

This is a part of my nginx config file:

server {
    listen 80 default_server;
    listen 443 ssl;
    server_name default;
    root /home/forge/default/public;

    # ssl_certificate;
    # ssl_certificate_key;

    ssl_certificate     /etc/nginx/ssl/SSL.crt;
    ssl_certificate_key /etc/nginx/ssl/www.domainname.com.key;


ssl_certificate should be your concatenated file created in Step 3
should be the key file generated when you created the CSR.

Step 4: restart your server. Enjoy!


PS: I’ve seen some comments about using slightly different format, but haven’t tested that myself:

SSLCertificateFile      /etc/httpd/ssl/domain.crt
SSLCertificateKeyFile   /etc/httpd/ssl/domain.key
SSLCertificateChainFile /etc/httpd/ssl/intermediate.crt
Posted on April 29, 2016 at 11:53 by arte · Permalink
In: English, Linux, nginx, Ubuntu · Tagged with: 

Leave a Reply