Windows
Let's Encrypt: CERT.PEM CHAIN.PEM FULLCHAIN.PEM PRIVKEY.PEM You'll be given these files from your ssl provider for use in your web server. for example, letsencrypt's certbot generates the following certificates, placed in /etc/letsencrypt/live/yourdomain-name/ : 1. CERT.PEM is the end-user certificate. 2. CHAIN.PEM is the rest of the chain; in this case, it's only letsencrypt's root certificate. 3. FULLCHAIN.PEM is cert.pem and chain.pem combined. this is the file passed to nginx with the ssl_certificate directive. 4. PRIVKEY.PEM is an RSA private key generated alongside the certificate. To use your certificates, you will have to pass them as parameters for your web server. For nginx, you'll want to specify the ssl_certificate (the full chain pem file), and ssl_certificate_key (the rsa private key pem file), after turning on ssl: SSL_CERTIFICATE /ETC/LETSENCRYPT/LIVE/YOURDOMAIN/FULLCHAIN.PEM; SSL_CERTIFICATE_KEY /ETC/LETSENCRYPT/LIVE/YOURDOMAIN/PRIVKEY.PEM; For Apache, setup is largely the same, but you’ll need to use the sslcertificatefile and sslcertificatekeyfile directives: SSLCERTIFICATEFILE /ETC/LETSENCRYPT/LIVE/YOURDOMAIN/FULLCHAIN.PEM SSLCERTIFICATEKEYFILE /ETC/LETSENCRYPT/LIVE/YOURDOMAIN/PRIVKEY.PEM