Order’s status (“pending”) is not acceptable for finalization Lets EncryptOrder’s status (“pending”) is not acceptable for finalization Lets Encrypt

General information for default certificate locations for various services.
The order will be cert,key, ca/chain, combined (cert+ca)and their related directadmin.conf settings, where applicable.

Apache/LiteSpeed

apachecert=/etc/httpd/conf/ssl.crt/server.crt
apachekey=/etc/httpd/conf/ssl.key/server.key
apacheca=/etc/httpd/conf/ssl.crt/server.ca

OpenLiteSpeed

openlitespeed_cert=/usr/local/lsws/ssl.crt/server.crt
openlitespeed_key=/usr/local/lsws/ssl.key/server.key
openlitespeed_ca=/usr/local/lsws/ssl.crt/server.ca

Nginx

nginx_cert=/etc/nginx/ssl.crt/server.crt
nginx_key=/etc/nginx/ssl.key/server.key
nginx_ca=/etc/nginx/ssl.crt/server.ca
/etc/nginx/ssl.crt/server.crt.combined

Exim + Dovecot

/etc/exim.cert
/etc/exim.key

Note that the exim.cert contains BOTH the cert and the ca, in that order.

User Domain

/usr/local/directadmin/data/users/USER/domains/DOMAIN.COM.cert
/usr/local/directadmin/data/users/USER/domains/DOMAIN.COM.key
/usr/local/directadmin/data/users/USER/domains/DOMAIN.COM.ca
/usr/local/directadmin/data/users/USER/domains/DOMAIN.COM.combined

DirectAdmin may automatically create the .combined version of the cert, when needed by various servers.
If you see one on disk beside the cert, put the cert + ca into the combined file, eg:

cat /etc/nginx/ssl.crt/server.crt /etc/nginx/ssl.crt/server.ca > /etc/nginx/ssl.crt/server.crt.combined