Install SSL certificate NGIX webserver

The following commands are executed on commandline.

When the request for your SSL certificate is completed, it will be sent to you in a zip file containing, at least, the following files:

  • The CA root certificate
  • One or more intermediate certificates
  • Your certificate
  • A readme file

NginX uses a bundle file for the installation of your SSL certificate. Open a new file in a text editor, such as Notepad, and copy the entire contents of the certificate files into the new file, starting with the SSL certificate, followed by all the intermediate certificates and finally the root certificate of the CA. This will look as follows:
----BEGIN CERTIFICATE---- (SSL certificate) ----END CERTIFICATE---- ----BEGIN CERTIFICATE---- (intermediate certificate) ----END CERTIFICATE---- ----BEGIN CERTIFICATE---- (root certificate) ----END CERTIFICATE----

Save the new file as 'certificatebundle.crt' and upload it to the server. While most Linux distributions use a default SSL folder, /etc/ssl/, it is recommended to create separate folders on your server where you save your certificates and your private keys. In this example, we use the folders /etc/ssl/certificates and /etc/ssl/keys.

Open the Nginx Virtualhost file of the website where you want to install the certificate. In this example, we use the folder /etc/nginx/sites-available/.

Configure the file as follows:
server{ listen 443; ssl on; ssl_certificate /etc/ssl/certificaten/certificatebundle.crt; ssl_certificate_key /etc/ssl/keys/www.yourcommonname.tld.key; server_name; access_log /var/log/nginx/nginx.vhost.access.log; error_log /var/log/nginx/nginx.vhost.error.log; location / { root /home/www/public_html/; index index.html; } }

The server can now be rebooted to load the new configuration using the following command:
/etc/init.d/nginx restart