Today I moved my web server from HTTP to HTTPS. I used StartSSL to get a free certificate.
Performing this was relatively simple, specially following this tutorial: http://www.westphahl.net/blog/2012/01/03/setting-up-https-with-nginx-and-startssl/
Generating the necessary files on the linux machine (the csr is required by StartSSL):
openssl req -newkey rsa:2048 -keyout ithasu.key -out ithasu.csr
Then, to remove the passwork of the key:
openssl rsa -in ithasu.key -out /etc/nginx/ssl/ithasu.org.key
Then download the pem file from StartSSL and concatenate it with the StartSSL intermediate certificate (Class 1):
cat ithasu.org.pem sca.server1.crt | sudo tee /etc/nginx/ssl/ithasu.org_chain.pem
Then activate SSL server and specify keys in nginx configuration:
server {
...
listen 443 ssl default_server;
...
ssl_certificate /etc/nginx/ssl/ithasu.org_chain.pem;
ssl_certificate_key /etc/nginx/ssl/ithasu.org.key;
...
}
Et voilà !
Featured image from: https://www.flickr.com/photos/mapbox/ under Creative Commons license.