How to install SSL in Nginx Servers

Posted in Linux May 31, 2018

This is one of the quick way to install SSL in NGINX Servers , i already have a tutorial for Apache , 

the Process is very simple and similar to Apache , the files are all same , its just , 

you need to make few changes with the certificates you receive and make a one single bundled ssl certificate

i will skip few steps , i assume you have generated CSR and then have , key file , and certificates you Received from the SSL providers,

if you find if difficult , you can check the tutorials from the SSL Apache Setup ,

or here is the Code 

openssl req -new -newkey rsa:2048 -nodes -keyout sangv_info.key -out sangv_info.csr

Once you have your CSR key you should receive your other Keys ,

So lets assue you have all these files from Comodo

  • Root CA Certificate - AddTrustExternalCARoot.crt
  • Intermediate CA Certificate - COMODORSAAddTrustCA.crt
  • Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
  • Your PositiveSSL Certificate - sangv_info.crt (or the subdomain you gave them)

This is for Nginx for be care full wile You are creating a single Certificate for nginx , Please follow up the pattern i have Mentioned , lets assume ssl_sangv_info.crt is the final single certificate , 

1. PositiveSSL Certificate - sangv_info.crt
2. COMODORSADomainValidationSecureServerCA.crt
3. COMODORSAAddTrustCA.crt
4. AddTrustExternalCARoot.crt
So you can use this quick cheat for the trick
cat sangv_info.crt COMODORSADomainValidationSecureServerCA.crt  COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl_sangv_info.crt

it Should give you a single file ssl_sangv_info.crt , and make sure you have sangv_info.key file, now you can store these files into your desired web content directory or you can store as below 

[root@sangv ~]# mkdir -p /etc/home/certs/sangv_info/
[root@sangv ~]# cp sangv_info.key ssl_sangv_info.crt /etc/home/certs/sangv_info/

The final Step would be to setup the ssl for Nginx from the config file

[root@sangv ~]# vim /etc/nginx/conf.d/
server {
listen 443;
ssl on;
ssl_certificate     /etc/home/certs/sangv_info/ssl_sangv_info.crt;
ssl_certificate_key /etc/home/certs/sangv_info/sangv_info.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
root /var/www/html;
index index.php index.html;

[root@sangv ~]# service nginx restart

Or for centos 7 

[root@sangv ~]# systemctl restart nginx

This should make the SSL working and you shall be able to visit , using https

sangv. Info