Question

How to add SSL certificate (with files .ca-bundle, .crt and .p7b) to a droplet?

I purchased an SSL certificate from Sectigo and want to use it in my droplet. I received three files from Sectigo: *.ca-bundle *.crt *.p7b

When I try to add them to my droplet from Account -> Settings -> Security -> Add Certificate Digital Ocean asks for the following:

  • certificate
  • private key
  • chain certificate

I tried to put *.crt file content in the certificate, *.p7b file in private key, and *.ca-bundle in chain certificate, but I got the error message “Invalid certificate data: The provided certificate or private key is not a valid PEM block”

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

the private key is the key that was created when you generated the CSR as per the instructions on digital ocean’s “how to install an ssl certificate from a commercial certificate authority”. After you input the CSR code at the providers site, (for e.g. at NameCheap you have to cut and paste the CSR code on their site) they create the SSL certificate and send it to you.

Out of the three files they send, the file ending in “crt” is the certificate. I think the ca-bundle is the chain certificate, but I’m not sure if it will work if you have the ca-bundle filetype or whether you need to change it to crt. I have no idea about that one.