Nginx

How to Install SSL Certificate On Nginx Web Server

by Santosh Prasad

Once the certificate is issued and sent to you by the Certificate Authority, Now proceed with the certificate installation on your Nginx web server.

In this article I will show you how you can install SSL certificate on Nginx web server.

Combine all Certificate

First of all you have combine certificate into one file, you need to concatenate the certificate issued for your domain with intermediate and root certificates into one file. The order of the certificates in the file is important. The certificate for your domain name should go first, intermediate certificates should follow it and the last certificate in the chain should be the root one.

You can combine the certificate file either manually, copying and pasting the correspondent certificate into one single file or you can use the below commands if the certificate files were uploaded to the server.

If you got the intermediate and root certificate separately, follow the below command.

# cat your_domain.crt intermediate.crt root.crt >> looklinux-bundle.crt

If you got the intermediate certificates in one bundle file or downloaded the certificate files in your account with us, you can use below command:

# cat example_com.crt bundle.crt >> ssl-bundle.crt

Place the concatenated file into the directory with SSL certificates on your Nginx server.

Edit Nginx Configuration File

Next you need to modify your nginx configuration (default is /etc/nginx.conf) file after the certificate is uploaded and edit or add virtual host for 443 port for your website.

If there is no virtual host for 443 port, you can duplicate the record for port 80 (it should be in the configuration file by default) and change port 80 to port 443. Simply add it below the non-secure module.

Next in addition you will need to add the below lines in the record.

ssl on;
ssl_certificate /certificate/path/
ssl_certificate_key /certificate_key/path/

The completed Virtual Host file should look something like this.

server {
	listen 443;
	ssl on;

	ssl_certificate /etc/ssl/looklinux-bundle.crt;
	ssl_certificate_key /etc/ssl/www.looklinux.key;
	server_name www.looklinux.com;

	access_log /var/log/nginx/nginx.vhost.access.log;
	error_log /var/log/nginx/nginx.vhost.error.log;

location / {

	root /var/www/html/;
	index index.html;

 }
}

Now restart the Nginx web server after modifications are saved.

If you want to configure OCSP Stapling on your server, please add the following lines to the virtual host section for the website:

      ssl_stapling on;
      ssl_stapling_verify on;
OCSP Stapling can be configured on Nginx server starting from 1.3.7+
Thank you! for visiting LookLinux.

If you find this tutorial helpful please share with your friends to keep it alive. For more helpful topic browse my website www.looklinux.com. To become an author at LookLinux Submit Article. Stay connected to Facebook.

You may also like

About the author

mm

Santosh Prasad

Hi! I'm Santosh and I'm here to post some cool article for you. If you have any query and suggestion please comment in comment section.

View all posts

Leave a Comment