RapidSSL cert installation on nginx server
I recently installed RapidSSL cert and got “not trusted” message on Android (desktop browsers were both ok)
Now… this is how to install RadidSSL cert properly.
Step 1: got and check your installation here https://cryptoreport.rapidssl.com/checker/views/certCheck.jsp – if you’ve got nothing working yet – just download RapidSSL SHA256 CA cert from here:
Or choose the one you like the most (only kidding – the one that you actually need SHA256) from -> https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1549
Save this cert as intermediate.crt
Step 2:
Save your cert you received via email as SSL.crt
Step 3:
- You need to combine the SSL.crt file and the intermediate.crt into a single concatenated file
- To get a single concatenated file out of the Intermediate CA and the SSL Certificate run the following command:cat intermediate.crt >> SSL.crt
Step 4:
This is a part of my nginx config file:
server { listen 80 default_server; listen 443 ssl; server_name default; root /home/forge/default/public; # FORGE SSL (DO NOT REMOVE!) # ssl_certificate; # ssl_certificate_key; ssl_certificate /etc/nginx/ssl/SSL.crt; ssl_certificate_key /etc/nginx/ssl/www.domainname.com.key;
ssl_certificate should be your concatenated file created in Step 3
ssl_certificate_key should be the key file generated when you created the CSR.
Step 4: restart your server. Enjoy!
PS: I’ve seen some comments about using slightly different format, but haven’t tested that myself:
SSLCertificateFile /etc/httpd/ssl/domain.crt
SSLCertificateKeyFile /etc/httpd/ssl/domain.key
SSLCertificateChainFile /etc/httpd/ssl/intermediate.crt
In: English, Linux, nginx, Ubuntu · Tagged with: nginx