I got a cheapo SSL certificate from GoDaddy.com for one of our websites, installed it, and promptly got an invalid certificate error when I tried to test it with Safari. It worked fine in Firefox.
A little googling showed this was a common problem. I was cursing GoDaddy, but with a little more digging, I found that it was just their instructions that sucked. They don’t have any information about using their certs with nginx at all, but I figured it would work the same way it worked when I generated a self-signed certificate.
What was missing is that I needed to also install some “intermediate certificates” by appending them to the bottom of our certificate. GoDaddy doesn’t include these certificates if you choose to download your certificate for “Other” webserver. If you download the certificates for apache, they’ll include the intermediate certificates in the ZIP. Then all you have to do is add them under the certificate for your server.
I owe my understanding of the issue to “Setting up GoDaddy Turbo SSL on Nginx“.