I am setting up an nginx server for the first time using ssl. I bought an ssl certificate, did the whole thing where I generate a csr. I have activated my ssl purchase and finally downloaded the certificate.
When I downloaded the certificate I got a zip folder. the zip folder had 3 files in it; my_site.ca-bundle , my_site.crt, and my_site.p7b .
I understand how I am supposed to configure nginx , but I don't know the significance of the ca-bundle and the p7b file that was included in the download.
for nginx configuration I just need a crt file and the key from when I generated the CSR:
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate www.example.com.chained.crt;
ssl_certificate_key www.example.com.key;
...
}
Are the ca-bundle and p7b files important, or is the crt file the only thing I need?
Best Answer
http://nginx.org/en/docs/http/configuring_https_servers.html
Since your SSL vendor has provided you with a CA bundle, you probably need it. Combine your
.crt
and.ca-bundle
files into a file, put it on the server, and pointssl_certificate
at it.You should be the only one with the
ssl_certificate_key
file - you'd likely have generated it when you made your CSR.Ignore the
.p7b
, I believe it's for IIS.