I bought a SSL certificate from my domain provider and I can’t add it here.

When I try to add the certificate I got this error:

Invalid certificate data rpc error: code = InvalidArgument desc = The provided certificate or private key is not a valid PEM block.

Any help?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Hi @damataxi,

Depending on your WebService - Apache/Nginx, the SSL is added differently.

Before we start with the steps here is what you’ll need :

  • Your server certificate
  • Your intermediate certificates - CA
  • Your private key

Installation Instructions - Nginx

Copy the Certificate Files into the proper directory on your server. - /etc/ssl. They should be 3 as mentioned above.

Note: For better security, make them readable by root only.

Make the files load as one:

cat your_domain_name.crt Intermediate.crt >> YourDomainName.pem

Once you’ve added this open your virtual host file for the domain in question ad add the below code under the server block :

server {
  listen443;
    ssl on;
    ssl_certificate /etc/ssl/YourDomainName.pem;
  ssl_certificate_key /etc/ssl/YourDomainName.key;
  Here you'll have more code
}

Save the file and test your Nginx configuration with :

service nginx -t

If it says okay, then you can restart it and you should have your SSL installed.

Installation Instructions - Apache

It’s basically the same with the exception the configuration file is in a diffrent place and it’s edited a little bit differently:

<VirtualHost YourDomainName:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
... on
SSLCertificateFile /path/to/YourDomainName.crt;
SLCertificateKeyFile /path/to/YourDomainName.key
SSLCertificateChainFile /path/to/YourDomainNameCA.crt
</VirtualHost>

If you however are still receiving an error with the SSL, it would mean something is not correct from your certificate and key not matching up to your CA not being the correct one. For that you’ll need to contact your SSL provider.

Regards,
KDSys

@KDSys

Thank you for your answer but I need some questions.

I am not much experienced about SSL so here is the situation:

I bought SSL from my domain provider and I have “private key” and “certificate” and they are not files just bunch of string. Also I don’t know the intermediate certificates - CA I have not such a thing.

Should I create textfiles and copy paste them with some extensions? Can you be more clear to me I am just new to SSL I never done this manually before.

Submit an Answer