Updating COMODO SSL certificate with nginx and Easyengine

Here are the steps you can follow to setup/update COMODO SSL certificate in a Nginx server setup using easyengine.

  1. After you buy the certificate you will receive a zip file and a key file in the format of domain.name.key and domain_name.zip. Extract the zip file, it will have following files
    1. AddTrustExternalCARoot.crt
    2. COMODORSAAddTrustCA.crt
    3. COMODORSADomainValidationSecureServerCA.crt
    4. yourdomain.com.crt
  2. You need to make a bundle of these files into one crt file.
  3. To do that open yourdomain.com.crt file in a notepad and save as ‘bundle.crt’
  4. Then open each of the files, copy everything in them and append it to the bundle.crt file.
  5. Now create a ‘cert‘ in your  /var/www/yourdomain.com/ directory on the server.
  6. Move both yourdomain.key and bundle.crt file to cert folder.
  7. Edit ssl.conf file in /var/www/yourdomain.com/conf/nginx/ directory.

  1. Now restart Nginx and you are done.

     

To validate if everything is setup properly you can go to https://comodosslstore.com/ssltools/ssl-checker.php and put your domain name and check. In case you make any mistake make sure you have followed step 2, 3 and 4 properly.
You may receive java.security.cert.CertPathValidatorException when setting SSL certificate, it only means that your Intermediate/Chain certificate is missing, again the solution to this is to make sure you have followed step 2, 3 and 4 properly.

Updated on Jun 19, 2021