- UPDATE: I have edited the below method to not include the
AddTrustExternalCARoot.crt
as part of the trusted certificate since, to my knowledge (and most people on the web), this cert should already exist in the clients' browser.
unzip scriptthe_net.zip
cat scriptthe_net.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl_certificate
cat COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl_trusted_certificate
This is how I setup my ssl keys for nginx. The file im catting them to is the associated configuration parameter in your server config. You'll define it like so:
ssl_certificate_key /etc/nginx/ssl/domain.key;
ssl_certificate /etc/nginx/ssl/domain.crt;
ssl_trusted_certificate /etc/nginx/ssl/trust.crt;
The key is self explanatory; its merely the key you generated when you first generated your csr+key pair