Add an SSL certificate to NGINX

Today I moved my web server from HTTP to HTTPS. I used StartSSL to get a free certificate.

Performing this was relatively simple, specially following this tutorial:

Generating the necessary files on the linux machine (the csr is required by StartSSL):

openssl req -newkey rsa:2048 -keyout ithasu.key -out ithasu.csr

Then, to remove the passwork of the key:

openssl rsa -in ithasu.key -out /etc/nginx/ssl/

Then download the pem file from StartSSL and concatenate it with the StartSSL intermediate certificate (Class 1):

cat sca.server1.crt | sudo tee /etc/nginx/ssl/ithasu.org_chain.pem

Then activate SSL server and specify keys in nginx configuration:

server {
  listen 443 ssl default_server;
  ssl_certificate /etc/nginx/ssl/ithasu.org_chain.pem;
  ssl_certificate_key /etc/nginx/ssl/;

Et voilà !

Featured image from: under Creative Commons license.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.