getodk · yanokwa · Aug 27, 2020 · Aug 26, 2020
diff --git a/odk1-src/central-install-digital-ocean.rst b/odk1-src/central-install-digital-ocean.rst
@@ -233,10 +233,11 @@ Using a Custom SSL Certificate
 
 By default, ODK Central uses Let's Encrypt to obtain an SSL security certificate. For most users, this should work perfectly, but larger managed internal networks may have their own certificate trust infrastructure. To use your own custom SSL certificate rather than the automatic Let's Encrypt system:
 
-1. Generate appropriate ``fullchain.pem`` (``-out``) and ``privkey.pem`` (``-keyout``) files.
-2. Copy those files into ``files/local/customssl/`` within the repository root.
-3. In ``.env``, set ``SSL_TYPE`` to ``customssl`` and set ``DOMAIN`` to the domain name you registered. As an example: ``DOMAIN=MyOdkCollectionServer.com``. Do not include anything like ``http://``.
-4. Build and run: ``docker-compose build nginx``, ``docker-compose stop nginx``, ``docker-compose up -d nginx``. If that doesn't work, you may need to first remove your old nginx container (``docker-compose rm nginx``).
+1. Generate a ``fullchain.pem`` (``-out``) file which contains your certificate followed by any necessary intermediate certificate(s).
+2. Generate a ``privkey.pem`` (``-keyout``) file which contains the private key used to sign your certificate.
+3. Copy those files into ``files/local/customssl/`` within the repository root.
+4. In ``.env``, set ``SSL_TYPE`` to ``customssl`` and set ``DOMAIN`` to the domain name you registered. As an example: ``DOMAIN=MyOdkCollectionServer.com``. Do not include anything like ``http://``.
+5. Build and run: ``docker-compose build nginx``, ``docker-compose stop nginx``, ``docker-compose up -d nginx``. If that doesn't work, you may need to first remove your old nginx container (``docker-compose rm nginx``).
 
 .. _central-install-digital-ocean-custom-mail: