I am using centos 8,
I generated certificate and private key successfully following this guide:
Running this command below:
sudo /usr/local/bin/certbot-auto certonly --nginx
The result is like this:
//... IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem //...
As shown above, it generated one certificate and one private key.
Then I generated a nginx ssl configuration via this tool:
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate ssl_certificate /path/to/signed_cert_plus_intermediates; ssl_certificate_key /path/to/private_key; # verify chain of trust of OCSP response using Root CA and Intermediate certs ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
As shown above, there are two certificates, they are
ssl_trusted_certificate, but certbot generate only one certificate.
So, where can I find the other certificate?