Question
How to add SSL certificate (with files .ca-bundle, .crt and .p7b) to a droplet?
- Posted on November 9, 2020
- NginxSecurityUbuntuInitial Server Setup
Asked by abdullahth
I purchased an SSL certificate from Sectigo and want to use it in my droplet. I received three files from Sectigo: *.ca-bundle *.crt *.p7b
When I try to add them to my droplet from Account -> Settings -> Security -> Add Certificate Digital Ocean asks for the following:
- certificate
- private key
- chain certificate
I tried to put *.crt file content in the certificate, *.p7b file in private key, and *.ca-bundle in chain certificate, but I got the error message “Invalid certificate data: The provided certificate or private key is not a valid PEM block”
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
the private key is the key that was created when you generated the CSR as per the instructions on digital ocean’s “how to install an ssl certificate from a commercial certificate authority”. After you input the CSR code at the providers site, (for e.g. at NameCheap you have to cut and paste the CSR code on their site) they create the SSL certificate and send it to you.
Out of the three files they send, the file ending in “crt” is the certificate. I think the ca-bundle is the chain certificate, but I’m not sure if it will work if you have the ca-bundle filetype or whether you need to change it to crt. I have no idea about that one.