How to Install a SSL Certificate on Nginx
internet, Uncategorized

How to Install a SSL Certificate on Nginx

Last time I showed how easy it is to create an SSL request on Nginx, this time I’ll show you how easy it is to get your site up and running with it.

You are going to need your server.key file we created last time and the text of the SSL certificate.  Most keys I’ve ever bought provide you with the actual file and the text in the email for your key.

As usual SSH onto your Linux server.

Lets go into the folder for our website:

cd /var/companya.com/

Create our SSL directories:

mkdir ssl

cd ssl

Lets create the server.key file:

nano server.key

Copy and paste your original key into there, and then [ctrl]+o to save, and then [ctrl]+x to exit.

Now lets use that publicly trusted certificate you’ve got:

nano servert.crt

Copy and paste your public SSL certificate into there, [ctrl]+o to save, and then [ctrl]+x to exit.

Now open up your site configuration

nano /etc/nginx/sites-enabled/gypthecat.com

Add a new server block at the bottom of that file that looks something like this:

server {

listen 12.34.56.78;
server_name www.gypthecat.com gypthecat.com;

ssl on;
ssl_certificate /var/gypthecat.com/ssl/server.crt;
ssl_certificate_key /var/gypthecat.com/ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;

root /var/gypthecat.com/httpdocs/;
index index.php index.html index.htm;
access_log /var/gypthecat.com/logs/access.log combined;

gzip on;
gzip_comp_level 5;
gzip_disable “MSIE [1-6]\.”;
}

Now lets restart Nginx:

service nginx restart

And open up your new HTTPS website!

Intermediate Certificates

Some SSL providers will provide an Intermediate Certificate to use, if we were using Apache we’d be using SSLCertificateChainFile, the process for Nginx is slightly different.

All we need to do is append the intermediate certificate with our SSL certificate.  Type in:

nano intermediate.cer

Copy and paste the given certificate in there [ctrl]+o and then [ctrl]+x.

Now type in the following:

cat intermediate.cer >> server.crt

Restart Nginx and you should be good to go:

service nginx restart

Written by gyp - July 15, 2012 - 3322 Views
Tags | , ,

You Might Also Like

A Tinyproxy Transparent Installation on Ubuntu 12.04 with HTTPS Support

October 8, 2012

ISC(2) CISSP Revision Notes – Cryptography

November 25, 2013

How to Block Internet Access with Group Policy (GPO)

July 9, 2017

2 Comments

  • How to Create a CSR with Nginx using OpenSSL | Gyp the Cat dot Com July 16, 2012 at 8:56 pm

    […] If you want to read what to do with the SSL certificate you get back read on how to get your Nginx SSL certificate functioning. […]

    Reply
  • Ryan December 24, 2014 at 3:34 pm

    Many thanks for the post, just helped get my site back up and running again

    Reply

    • Please Post Your Comments & Reviews

    Your email address will not be published. Required fields are marked *