Syntax: | ssl_certificate |
---|---|
Default: | — |
Context: | mail , server |
Specifies a file
with the certificate in the PEM format for the given server. If intermediate certificates should be specified in addition to a primary certificate, they should be specified in the same file in the following order: the primary certificate comes first, then the intermediate certificates. A secret key in the PEM format may be placed in the same file.
Since version 1.11.0, this directive can be specified multiple times to load certificates of different types, for example, RSA and ECDSA:
server { listen 993 ssl; ssl_certificate example.com.rsa.crt; ssl_certificate_key example.com.rsa.key; ssl_certificate example.com.ecdsa.crt; ssl_certificate_key example.com.ecdsa.key; ... }
Only OpenSSL 1.0.2 or higher supports separate certificate chains for different certificates. With older versions, only one certificate chain can be used.
Please login to continue.