All websites hosted on Templ get a free SSL certificate from Let's Encrypt that is installed and renewed automatically. However, it's also possible to install a custom SSL certificate from a third party SSL provider.
This guide assumes that you have already bought your SSL certificate from a third party provider and that you have downloaded the certificate files.
There may be several certificate files, the ones needed for installation on Templ are the SSL certificates for Nginx:
domain.com.cert (SSL Certificate - should also include the certificate chain)
domain.com.key (Private key)
Some SSL providers will provide these two certificate files:
domain_com.ca-bundle (certificate chain as a separate file)
These files need to be combined into one file called domain.com.cert - which must match the private key after they are combined.
How to make sure that the SSL certificate matches the private key
The easiest way to make sure that the SSL certificate and its private key are matching is by using https://decoder.link/matcher. Simply paste the certificate and key and make sure it's a match.
Another way is to use openssl from the command line to verify that the certificate and private key match.
Check the certificate:
openssl x509 -noout -modulus -in your-ssl.cert |openssl md5
Check the private key:
openssl rsa -noout -modulus -in your-privatekey.key |openssl md5
Both of the above commands should give the same output which will look similar to:
Note: We won't be able to install your own SSL certificate if it doesn't match the private key.
The installation of custom SSL certificates is handled by Templ Support. Please send us the following two files (a combined SSL certificate for Nginx servers that is including the certificate and certificate chain and a matching private key file) using our support chat.