Installation of RapidSSL on Nginx reverse proxy at front end Apache

Posted on March 9, 2014
By FMCB

Hi everyone,

I spent almost the whole day trying to configure my RapidSSL certificate with Nginx reverse proxy, but wasn’t able to get it right.

I generated a private key and managed to get the cer file from my cert issuer.

Now I’m a bit confused, since I have some issues configuring a new block on nginx as follows:

    add_header Strict-Transport-Security max-age=31536000;
    add_header X-Frame-Options DENY;

    server {
        listen 443 ssl;
        ssl on;
        ssl_certificate /etc/ssl/mycrt.crt;
        ssl_certificate_key /etc/ssl/server.key;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:10m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        root /home/www/;
        index index.php index.html index.htm;

        server_name mydomain.com;

        location / {
            try_files $uri $uri/ /index.php;
        }

        location ~ \.php$ {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $host;
            proxy_pass http://127.0.0.1:8080;
        }

        location ~ /\.ht {
            deny all;
        }
    }

The weird issue is that nginx fails on restart only when my mycrt.crt and the intermediate certificate are combined. The error says the key values don’t match.

However, when I add mycrt.crt alone and the private key in the nginx vhost block as stated above, Nginx restarts fine. How about the intermediate chain keys?

I followed this tutorial here, but it seems there is something missing… https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO17664

Did anyone manage to configure a RapidSSL cert? Please share your way of doing that…

Does anyone know what to do next or what I’m missing?

Thanks




Make sure that the server cert and the intermediate cert are combined in the right order. If not done correctly, it can result in a mismatch error. You can combine them with:

    cat your_server.crt intermediate.crt > chained.crt

For further info see: http://nginx.org/en/docs/http/configuring_https_servers.html#chains

If you’re still having problems, let us know. Please provide the full error message if this doesn’t work.
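The ordering check behind the answer above, as an added example that is not part of the original thread: it builds the combined file with the server certificate first and confirms that the first certificate in it belongs to the private key before nginx is restarted. The function names are hypothetical, and the file names in the usage comment are the ones used on this page.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper names, not from the thread). Requires openssl.

# Concatenate PEM files in the order given: server certificate first, then the
# intermediate(s). A newline is added when a file lacks one, so an
# "-----END CERTIFICATE-----" marker never fuses with the next "-----BEGIN".
build_chain() {
    local f
    for f in "$@"; do
        cat "$f" || return 1
        [ -z "$(tail -c 1 "$f")" ] || echo
    done
}

# Public key of the FIRST certificate in a bundle. openssl x509 reads only the
# first PEM block, which is the certificate nginx pairs with ssl_certificate_key.
first_cert_pubkey() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }

# Public half of the private key, in the same PEM form.
key_pubkey() { openssl pkey -in "$1" -pubout 2>/dev/null; }

# Exit status 0: first certificate belongs to the key. 1: mismatch
# (wrong order or wrong key). 2: a file could not be parsed.
chain_matches_key() {
    local c k
    c=$(first_cert_pubkey "$1") || return 2
    k=$(key_pubkey "$2") || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Subject and issuer of every certificate in the bundle, in file order.
list_chain() {
    openssl crl2pkcs7 -nocrl -certfile "$1" | openssl pkcs7 -print_certs -noout
}

# Usage: build_chain your_server.crt intermediate.crt > chained.crt
#        check_chain chained.crt server.key
check_chain() {
    list_chain "$1"
    if chain_matches_key "$1" "$2"; then
        echo "OK: first certificate in $1 matches $2"
    else
        echo "FAIL: first certificate in $1 does not match $2" >&2
        return 1
    fi
}
```

If `check_chain` passes, point `ssl_certificate` at the combined file and keep `ssl_certificate_key` on the same private key.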
