After installing the SSL certificate on the Nginx web server, you need to check if it is installed correctly.
I installed the SSL certificate two months ago. The Sectigo ECC certificate.
Now I change the certificate files.
Previously, I put the site SSL certificate file content and the SSL-bundle file altogether. The final SSL certificate file is 4.36KB. It includes three certificates. The guide is from Comodo official site. Sectigo site has a similar guide here.
Now, I remove the last one. Just keep the site certificate and the middle one. Total size is 3.01KB.
The certificate I deleted from the old file is for USERTrust ECC Certification Authority. It is already included in the Trusted Root CA list.
Then, I tested the new certificate file, which has two certificates only, on different online SSL checking tools.
![](https://www.yinfor.com/wp-content/uploads/2019/03/geocerts-result-319x500.jpg)
![](https://www.yinfor.com/wp-content/uploads/2019/03/sslshopper-result-468x500.jpg)
![](https://www.yinfor.com/wp-content/uploads/2019/03/digicert-result-366x500.jpg)
![](https://www.yinfor.com/wp-content/uploads/2019/03/ssllab-result-500x425.jpg)
All these results look good.
Small SSL certificates file reduce the time of SSL negotiation when a client browser request the web page.
SSL Negotiation
Before: 151ms
After: 77ms
![](https://www.yinfor.com/wp-content/uploads/2019/03/webpagetest-ssl-negotiation-500x335.jpg)
Now the first byte time is 0.245s. I like the performance. It is close to the good stand. Much better than the OK.
Reference:
- https://www.geocerts.com/ssl-checker
- https://www.sslshopper.com/ssl-checker.html
- https://www.digicert.com/help/
- https://www.ssllabs.com/ssltest/