TLS certificate installation on an Nginx server
This help article describes how to install an TLS certificate on an Nginx server and then configure it.
Create a key file
The issued TLS certificate is delivered by email. The certificate arrives in text form encoded in Base64 format. Change the extension to .crt and copy the file to your server.
The Intermediate certificate, which you need for the certificate's trust, must be joined to one file with the leaf TLS certificate. This is the difference between Nginx and other servers, such as Apache.
Combine the two files (certificate and intermediate certificate) into one PEM file with the following command:
cat intermediate_cert.crt >> leaf_ssl_certificate.crt
The server certificate must go in the file first, followed by one or more intermediate certificates.
Server configuration
Now you need to edit the virtual host file of the Nginx server. Open this file and edit it.
- server {
- listen 443;
- ssl on;
- ssl_certificate /etc/ssl/joined_certificates.pem; (combination of two files, see above)
- ssl_certificate_key /etc/ssl/private_key.key;
- server_name your.domain.com;
- access_log /var/log/nginx/nginx.vhost.access.log;
- error_log /var/log/nginx/nginx.vhost.error.log;
- location / {
- root /home/www/public_html/your.domain.com/public/;
- index index.html;
- }
- }
Restart the Nginx with command sudo /etc/init.d/nginx restart
Is everything alright? Check the certificate installation in our simple tool. For more information read the article Check installation of TLS certificate.
We are sorry that you did not find the required information here.
Please help us to improve this article. Write us what you have expected and not found out.