In the nginx configuration referenced here, there is a map at the top to configure which certificates are allowed.