Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 

  • Making NGINX Server HTTPS Certified

    @raghvendra.singh
    Recommendations Offline Message

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 521
    Comment on it

    Making NGINX Server HTTPS Certified


    For making a server HTTPS compatible, these steps can be followed if you are purchasing the SSL certificate from Godaddy:

    1. Purchase an SSL certificate from Godaddy.
    2. Now login to your server using SSH
      3. ssh -i pemkeypath user@serverip
    3. Generate a private key and CSR file using openssl 
      4. openssl req -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr    
#Change the yourdomain.com with your domain name
    4. Go to Godaddy and select your SSL certificate and click on setup and do as asked
    5. Now when asked paste the already generated CSR file and click on apply
    6. Now the verification process will start and from now follow the godaddy guidelines as they will prompt step by step, what is required next.
    7. For domain verification they may sent an HTML file that needs to be placed in server root folder and check whether it is opening appropriately as asked
    8. If not visible, change the permission of the file as public and reload again
    9. Again follow the instructions of Godaddy.
    10. Once the verification process is complete, you will get a zipped file to download. If you are using nginx or apache select apache and then download.
    11. Now once you extract the file, you will receive two .crt files :
      a. your SSL certificate which would have a random name
      b. Godaddy intermediate certificate bundle gd_bundle-g2-1.crt
    12. Rename your ssl certificate to your domain name i.e. yourdomain.com.crt and intermediate certificate to intermediate.crt
    13. Upload both the certificates to a secure location on server.
    14. For nginx you need to build a chained certificate by merging both the certificate files into on as:
      15.      cat yourdomain.com.crt intermediate.crt > yourdomain.com.chained.crt
    15. Modify the listen directive in your nginx config file
      16.     listen 443 ssl;
    16. Now change the server_name directive and add the paths of ssl chained certificate and ssl certificate key
      17.     server_name yourdomain.com;
    ssl_certificate /home/sammy/yourdomain.com.chained.crt;
    ssl_certificate_key /home/sammy/yourdomain.com.key;
    17. Change the protocols and ciphers
      18.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
    18. For redirecting all the http calls to https add the following lines in http section
      19.     server {
    listen 80;
    server_name yourdomain.com;
    rewrite ^/(.*) https://yourdomain.com/$1 permanent;
    }
    19. Now restart your server and your server is https now.

      20. For more blogs like this click here
    HTTPS Certification Server Setup nginx
    Comment on it

 0 Comment(s)

Sign In
Forgot Password?
                           OR                           
Create an account !!
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: