March 7, 2011 · by weppos

Last week we installed and configured SSL support on our RoboDomain server. We purchased the certificate using GoDaddy. When you download the certificate from GoDaddy, the package contains your regular .crt but also a gd_bundle.crt file.

That confused me a bit. I was expecting just a single certificate file.

When you download your certificate, GoDaddy prompts you a select with several different options and instructions. The instructions tell you how to install the certificate on several different environments, but unfortunately Nginx is not included in the list.

I read the documentation about Apache and I noticed Nginx HttpSslModule has no SSLCertificateChainFile equivalent. Actually, it turns out you just need to append the content of gd_bundle.crt to the end of your certificate.

$ cp example.com.crt example.com.bundle.crt
$ cat gd_bundle.crt >> example.com.bundle.crt

Then, configure Nginx as explained in the HttpSslModule documentation.

ssl                  on;
ssl_certificate     /patch/to/ssl/example.com.bundle.crt;
ssl_certificate_key /patch/to/ssl/example.com.key;
business server