Where is ssl_trusted_certificate after running "sudo /usr/local/bin/certbot-auto certonly --nginx"

I am using centos 8,
I generated certificate and private key successfully following this guide:

Running this command below:

sudo /usr/local/bin/certbot-auto certonly --nginx

The result is like this:

- Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:

As shown above, it generated one certificate and one private key.

Then I generated a nginx ssl configuration via this tool:

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;

 # verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

As shown above, there are two certificates, they are ssl_certificate and ssl_trusted_certificate, but certbot generate only one certificate.

So, where can I find the other certificate?

1 Like

/etc/letsencrypt/live/example.com/chain.pem – which contains the intermediate but not the root – works.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.