certificati

Copy and paste the content from the textbox below into a file and save it as ssl.key. Make sure, that you do not alter the content and you did not add any spaces! Save it in ASCII format (plain text).

Allowed are only letters and numbers, without spaces!

Decrypt the private key with the OpenSSL utility:

openssl rsa -in ssl.key -out ssl.key

or use the utility from the Tool Box.

Your certificate chain is incomplete. You need to include the Class 2 intermediate certificate to have a complete certificate chain, otherwise the browser needs to fetch it itself or will simply refuse the connection. It looks like you're running nginx, to have the server include the intermediate certificate follow these steps:

Download the intermediate certificate:

wget https://www.startssl.com/certs/sub.class2.client.ca.pem

(note: this is for StartSSL Class 2 certificates, don't use it with Class 1 certificates) Given your Class 2 certificate is called mycert.crt (or .pem or something else): Attach the intermediate certificate to the end of your certificate. (on a new line) On linux do:

cat mycert.crt sub.class2.client.ca.pem > mycert.chained.crt

and tell nginx to use mycert.chained.crt

See also: http://www.startssl.com/?app=42 (Please note that it is not required (and not recommended) to include the Root Certificate (ca.pem) as described on this page. If the root certificate is not present in the browser, the connection will fail no matter what)