How to Install a SSL Certificate on Nginx
Last time I showed how easy it is to create an SSL request on Nginx, this time I’ll show you how easy it is to get your site up and running with it.
You are going to need your server.key file we created last time and the text of the SSL certificate. Most keys I’ve ever bought provide you with the actual file and the text in the email for your key.
As usual SSH onto your Linux server.
Lets go into the folder for our website:
cd /var/companya.com/
Create our SSL directories:
mkdir ssl
cd ssl
Lets create the server.key file:
nano server.key
Copy and paste your original key into there, and then [ctrl]+o to save, and then [ctrl]+x to exit.
Now lets use that publicly trusted certificate you’ve got:
nano servert.crt
Copy and paste your public SSL certificate into there, [ctrl]+o to save, and then [ctrl]+x to exit.
Now open up your site configuration
nano /etc/nginx/sites-enabled/gypthecat.com
Add a new server block at the bottom of that file that looks something like this:
server {
listen 12.34.56.78;
server_name www.gypthecat.com gypthecat.com;ssl on;
ssl_certificate /var/gypthecat.com/ssl/server.crt;
ssl_certificate_key /var/gypthecat.com/ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;root /var/gypthecat.com/httpdocs/;
index index.php index.html index.htm;
access_log /var/gypthecat.com/logs/access.log combined;gzip on;
gzip_comp_level 5;
gzip_disable “MSIE [1-6]\.”;
}
Now lets restart Nginx:
service nginx restart
And open up your new HTTPS website!
Intermediate Certificates
Some SSL providers will provide an Intermediate Certificate to use, if we were using Apache we’d be using SSLCertificateChainFile, the process for Nginx is slightly different.
All we need to do is append the intermediate certificate with our SSL certificate. Type in:
nano intermediate.cer
Copy and paste the given certificate in there [ctrl]+o and then [ctrl]+x.
Now type in the following:
cat intermediate.cer >> server.crt
Restart Nginx and you should be good to go:
service nginx restart
2 Comments
[…] If you want to read what to do with the SSL certificate you get back read on how to get your Nginx SSL certificate functioning. […]
Many thanks for the post, just helped get my site back up and running again