Skip to content
This repository was archived by the owner on Dec 18, 2024. It is now read-only.

SSL With GoDaddy

Waseem Ahmad edited this page Jul 16, 2014 · 2 revisions

After generating .csr (certificate signing request) and .key file, on the server using openssl, and uploading the .csr file to GoDaddy, it gives us a zip file which has two files in it. One named as xyzerhfgxx.crt and another as gd_bundle-xx-xx.crt. The first one is the server certificate and the latter is bundle of chained certificates.

In order to SSL to work properly on all browsers including the ones the freshly installed ones that do not have some of the certificates in the chain with them, we must serve the server certificate and the chained certificates.

First create a combined certificate for the whole chain.

$ cat xyzerhfgxx.crt gd_bundle-xx-xx.crt > bookfair.crt

# mv bookfair.crt /etc/ssl/certs/

In the Nginx configuration file,

server {
  ...
  ssl on;
  ssl_certificate /etc/ssl/certs/bookfair.crt;
  ssl_certificate_key /etc/ssl/private/bookfair.key;
  ...
}

We must already have the .key file generated in the step when we generate .csr file.

Notes:

https://devcenter.heroku.com/articles/ssl-endpoint

http://superuser.com/questions/452063/the-certificate-is-not-trusted-because-no-issuer-chain-was-provided

http://nginx.org/en/docs/http/configuring_https_servers.html#chains

Clone this wiki locally