Use the DigiCert OpenSSL CSR Wizard to generate an OpenSSL command for creating your Nginx CSR.
Installation and configuration steps for SafeNet and nShield HSMs supported by the PKI Enterprise Gateway and Autoenrollment Server components
If you have ordered a Code Signing or Document Signing certificate and selected “DigiCert-provided hardware token” as the provisioning method, DigiCert will ship a hardware token to the shipping address specified during enrollment.
When you generate a CSR, most server software asks for the following information: common name, organization name and location, key type, and key size.
Learn how to set up and install a certificate on your eToken.
Before DigiCert can issue your certificate, you must prove that you have control over the domains and any Subject Alternative Names (SANs) on your order.
If your server/device requires a different certificate format other than Base64 encoded X.509, a third party tool such as OpenSSL can be used to convert the certificates into the appropriate format.
If your code signing certificate is stored on a USB token, Hardware Security Module (HSM) or using DigiCert KeyLocker, it will not be possible to export the certificate as a PFX file.
This page contains the DigiCert dedicated IP addresses for DigiCert Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), and a few other DigiCert services.