Certificate Installation: NGINX
1. Please save certificate files to your Nginx:
а) Copy the 2 files that you got from us to the directory on your server. The files must have the following extensions:
your_domain.crt – your SSL certificate somename.ca-bundle – certificate chain (root and intermediate/s)
b) Copy key file to the same directory (for example, your_domain.key). This is a file which you created while generating CSR.
2. Combine your certificate and chain file into one using one of the following methods:
Using command
cat your_domain.crt somename.ca-bundle >> ssl-bundle.crt
or
open both files via text editor (your_domain.crt and somename.ca-bundle) and put content of your_domain.crt over content of somename.ca-bundle save as ssl-bundle.crt
3. Set up a virtual host Nginx
Open the Nginx virtual host file for the website that you want to protect. If you want your website to be accessible for both secure (https) and non-secure (http) connections, you need two server modules - one for each type of connection. Copy the existing unsecured server module and paste it under the original. Then add the highlighted lines:
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/ ssl-bundle.crt;
ssl_certificate_key /etc/ssl/your_domain.key;
server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}
4. Edit file names:
ssl_certificate – this is your certificate combined with a chain (e.g. ssl-bundle.crt). ssl_certificate_key – this is a key file that you created while generating CSR (e.g. your_domain.key)
5. Restart Nginx with the command:
sudo /etc/init.d/nginx restart