The following instructions will guide you through the SSL Certificate installation process on Nginx. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure.
- Copy your Certificate files
Copy your Certificate files into the proper directory on your server.
- Link your files
You need to link the two certificates or "chain them together" into a single file by entering the command below:
cat your_domain_name.crt Intermediate.crt >> bundle.crt
- Edit the Nginx virtual hosts file
Edit your Nginx virtual host file for the website you are securing.
If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection.
Make a copy of the existing non-secure server module and paste it below the original. Add the lines shown below:
server {
listen443;
ssl on;
ssl_certificate /etc/ssl/your_domain_name.pem; (or bundle.crt)
ssl_certificate_key /etc/ssl/your_domain_name.key;
server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}
- Important — Make sure you adjust the file names to match your certificate files:
• ssl_certificate should be your primary certificate combined with the root & intermediate certificate bundle that you made in the previous step (e.g. your_domain.crt).
• ssl_certificate_key should be the key file generated when you created the CSR.
- Restart Nginx
Restart Nginx using the command line below:
sudo /etc/init.d/nginx restart
Your certificate is now installed. You can navigate to your site in a web browser and view the certificate/site information to verify if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.