I got the following files:
-
priv.key // This is my priv key and contains one —–BEGIN ENCRYPTED
PRIVATE KEY—– section -
req.csr // This is my certificate request file
-
cert.pem // This is my certificate I got back per mail and contains one —–BEGIN CERTIFICATE—– section
-
cacert_sha1.crt // this is the root CA I think
-
chain.txt // dont know whats that for but must be usefull according to some tutorials 🙂
I tried a lot of stuff and combined the files in a lot of different ways to new .pem files. But I always get a not signed error from the browser when I surf to the website
I always restarted nginx after changing my config.
Does anyone knows how to combine in the correct order/way? Are this all files I need ?
Thanks 🙂
Best Answer
The
ssl_certificate_key
directive specifies your private key (that's yourpriv.key
file).The
ssl_certificate
directive specifies a file containing a concatenation of your signed certificate (which you callcert.pem
), the Certificate Authority and zero or more chain files.The certificate signing request is not used by
nginx
.Care is required when concatenating the certificate files. Your certificate should be first. Also, there is a lot of extra junk in those chain files and I don't know if it gets ignored. You might want to edit the junk out.
See this document for more.