Install Nginx SSL Certificate

All the sites running with SSL are used https protocol on default port 443. SSL provides secure data communication by encrypting data between server and client. This article will help you to configure SSL in Nginx server. For this example we are using a self signed certificate.

Step 1: – Install Nginx Web Server
We are assuming that you already have Nginx installed on your system but in case you don’t have installed it already, Use following command to install it.
$ sudo apt-get install nginx
Step 2: – Get SSL Certificate
For creating SSL certificate, the first requirement is to create private key and CSR. A CSR is a file which have all details about domain including a public key. first create a directory where to create csr and key.
# mkdir /etc/nginx/ssl/
# cd /etc/nginx/ssl/
Now create CSR and key file with following command. Change name of files and as per your domains. This command will ask for enter information about your domain. Read more about creating CSR.
# openssl req -new -newkey rsa:2048 -nodes -keyout -out 
After creating CSR, Request an SSL certificate from any certificate providers like Geotrust, Comodo, Digicert or GoDaddy etc. After getting certificate from CA, combine your primary certificate and intermediate certificate file in single file. 

# cat DigiCertCA.crt >>

Step 3: - Setup VirtualHost with SSL
Let’s edit Nginx configuration file /etc/nginx/conf.d/ and add the following values.
# HTTPS Server Block

server {

    listen   443;

    root /var/www/;
    index index.html index.htm;

    ssl on;
    ssl_certificate /etc/nginx/ssl/;
    ssl_certificate_key /etc/nginx/ssl/;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

Step 4: – Restart NGINX
Finally restart nginx server for changes takes effect.
# service nginx restart

About Author:

I am a Linux Administrator and Security Expert with this site i can help lot's of people about linux knowladge and as per security expert i also intersted about hacking related news.TwitterFacebook

Newer Post
Older Post


Post a Comment