1. Apply for a certificate

(1) Use the bound domain name to apply for a certificate.

(2) After application, set up domain name resolution. If your domain name is registered through a third-party platform, please go to the domain name corresponding resolution service system to modify the domain name resolution settings.

(3) After resolution is completed, please verify whether it is done. Verification methods are as follows:

Manual DNS verification: This method requires you to log in to the domain management console and configure the domain verification information in the domain resolution list (add a TXT type DNS resolution record).

You need the management authority of domain name resolution to complete the verification.

File verification: This verifies the ownership of the domain name by creating a specified file on your domain server. You need the administrator authority of the domain server to complete the verification.

After verification, you need to wait for some time before it can take effect.

(4) After completion, download the certificate.

Note: The downloaded certificate generally comes in various formats, just select Nginx, the downloaded certificate is generally in the formats like: PEM, KEY, CRT, etc.

Click to add a certificate, you need to fill in the public key and private key contents in the popup.

(1) Add public key

Download the certificate, open the file, copy all contents, and paste it into the certificate content in the figure below.

The public key (certificate content) format is:

 -----BEGIN CERTIFICATE-----

                         ......

     -----END CERTIFICATE-----

(2) Add intermediate certificate

To avoid HTTPS communication failure between the client and the server when adding an SSL certificate, an intermediate certificate also needs to be added.

Usually, the downloaded SSL certificate already contains the intermediate certificate, so you can directly add the SSL certificate.

For example, after downloading the Nginx certificate file, the domain name_chain.crt file in it already contains the intermediate certificate.

If the received certificate has been merged, you don't need to operate the following steps, just add it directly (whether it's merged can be consulted with the SSL certificate provider).

If you need to merge the certificate when adding, but you don't know how to do it, you can use https://myssl.com/chain_download.html to merge the certificate and copy the merged certificate content to the certificate content.

(3) Add private key

Copy the private key Key content, paste it into the Key content in the figure below, if you don't know the private key, please contact the certificate service provider.

Private key format:

-----BEGIN RSA PRIVATE KEY-----

                            ......

        -----END RSA PRIVATE KEY-----

                           or

        -----BEGIN PRIVATE KEY-----

                            ......

        -----END PRIVATE KEY-----