Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
  • Making NGINX Server HTTPS Certified

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 500
    Comment on it

    Making NGINX Server HTTPS Certified

    For making a server HTTPS compatible, these steps can be followed if you are purchasing the SSL certificate from Godaddy:

    1. Purchase an SSL certificate from Godaddy.
    2. Now login to your server using SSH
    3. ssh -i pemkeypath user@serverip
    4. Generate a private key and CSR file using openssl
    5. openssl req -newkey rsa:2048 -nodes -keyout -out    
      #Change the with your domain name
    6. Go to Godaddy and select your SSL certificate and click on setup and do as asked
    7. Now when asked paste the already generated CSR file and click on apply
    8. Now the verification process will start and from now follow the godaddy guidelines as they will prompt step by step, what is required next.
    9. For domain verification they may sent an HTML file that needs to be placed in server root folder and check whether it is opening appropriately as asked
    10. If not visible, change the permission of the file as public and reload again
    11. Again follow the instructions of Godaddy.
    12. Once the verification process is complete, you will get a zipped file to download. If you are using nginx or apache select apache and then download.
    13. Now once you extract the file, you will receive two .crt files :
      a. your SSL certificate which would have a random name
      b. Godaddy intermediate certificate bundle gd_bundle-g2-1.crt
    14. Rename your ssl certificate to your domain name i.e. and intermediate certificate to intermediate.crt
    15. Upload both the certificates to a secure location on server.
    16. For nginx you need to build a chained certificate by merging both the certificate files into on as:
    17.      cat intermediate.crt >
    18. Modify the listen directive in your nginx config file
    19.     listen 443 ssl;
    20. Now change the server_name directive and add the paths of ssl chained certificate and ssl certificate key
    21.     server_name;
          ssl_certificate /home/sammy/;
          ssl_certificate_key /home/sammy/;
    22. Change the protocols and ciphers
    23.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
          ssl_prefer_server_ciphers on;
          ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
    24. For redirecting all the http calls to https add the following lines in http section
    25.     server {
          listen 80;
          rewrite ^/(.*)$1 permanent;
    26. Now restart your server and your server is https now.

    27. For more blogs like this click here

 0 Comment(s)

Sign In

Sign up using

Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: