How to install Sectigo wildcard certificate on Nginx

https://sectigo.com/resource-library/install-certificates-nginx-webserver

https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N000000zFKz
(How do I make my own bundle file from CRT files?)

https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l00000117LT
(Certificate Chain Diagram)


1. Refer to the above link to create the ca-bundle.crt

 #cat SectigoRSAOrganizationValidationSecureServerCA.crt USERTrustRSACertificationAuthority.crt USERTrustRSAAAACertificateServerice.crt > domain.ca-bundle

2. Create the server.crt

#cat STAR_domain.crt domain.ca-bundle > server.crt

3. Prepare the server.key

#cp wildcard.domain.key  server.key

4. Replace /etc/nginx/ssl/server.crt and server.key by the above two file

5. Restart the nginx server

#systemctl restart nginx

Verify the certificate expiration date.

server.crt format 1. domain cert 2. rsa cert 3. root cert 4. cross-sign cert