How to Install an SSL Certificate on NGINX

December 11, 2024 / SSL

Securing your website with SSL protects data and builds user trust. In this guide, we’ll walk you through the steps to efficiently install an SSL certificate on NGINX.

To successfully install an SSL certificate on your NGINX server, you will need the following files:

  • Primary certificate (.crt file)
  • Root and intermediate certificates (.ca-bundle file)

Once you have obtained these files from your Certificate Authority (CA), follow the steps below to complete the installation.

  1. Combine the Certificates: The first step is to combine all the certificates issued for your domain into a single file. You can do this either manually or using commands.

    Manual Combination: Ensure you follow this sequence when combining the certificates:
    1. Primary certificate for your domain.
    2. Intermediate certificates.
    3. Root certificate.Automatic Combination: Use the following commands to combine the certificates:

    1. If you have separate intermediate and root files:

    cat your_domain.crt intermediate.crt root.crt >> ssl-bundle.crt

    2. If your intermediate and root certificates are in a single .ca-bundle file:

    cat your_domain.crt bundle.crt >> ssl-bundle.crt

    Note: Replace your_domain.crt and bundle.crt with the actual file names.
    Save the combined file (ssl-bundle.crt) in your NGINX server’s SSL directory.

  2. Edit the NGINX Configuration File:
    Next, modify the NGINX configuration file (nginx.conf) to include the SSL settings.

    1. Locate the virtual host for port 443. If one doesn’t exist, duplicate the virtual host for port 80 and update it to listen on port 443.
    2. Add or update the following properties in the virtual host record:
      1. SSL on;
      2. ssl_certificate – Path to the combined SSL file (ssl-bundle.crt).
      3. ssl_certificate_key – Path to your private key file (generated during the CSR creation).
    3. Your updated configuration should look like this:
      server { 
      
          listen 443;  
      
          ssl on;  
      
          ssl_certificate /etc/ssl/ssl-bundle.crt;  
      
          ssl_certificate_key /etc/ssl/private.key;  
      
          server_name yourdomain.com;  
      
          access_log /var/log/nginx/nginx.vhost.access.log;  
      
          error_log /var/log/nginx/nginx.vhost.error.log;  
      
          location / {  
      
              root /var/www/;  
      
              index index.html;  
      
          }  
      
      }
  3. Restart NGINX
    After saving the configuration file, restart the NGINX server to apply the changes:sudo /etc/init.d/nginx restart
  4. Your SSL certificate will be installed successfully on your NGINX server.
  5. Verify
    To verify the installation, use an online SSL checker tool to confirm your site is secured.

You can now install an SSL Certificate on NGINX. If you need further assistance, please don’t hesitate to contact our support team.

Read Also: How to Install NGINX in WHM

Leave a Reply

Your email address will not be published. Required fields are marked *