How to Install SSL Certificate on NGINX

Introduction

SSL (Secure Sockets Layer) is a security protocol that provides encryption and authentication for secure communication over the internet. Installing an SSL certificate on your NGINX web server is an important step in ensuring that your website is secure and your visitors’ data is protected. In this guide, we will show you how to install an SSL certificate on your NGINX web server. We will cover the steps for both self-signed and commercial certificates. We will also discuss how to configure your NGINX server to use the certificate. By the end of this guide, you will have a secure website that your visitors can trust.

How to Install SSL Certificate on NGINX

1. Generate a Certificate Signing Request (CSR)

2. Purchase an SSL Certificate

3. Activate the SSL Certificate

4. Install the SSL Certificate on your NGINX server

5. Configure the NGINX server to use the SSL Certificate

6. Test the SSL Certificate installation

Introduction

Installing an SSL Certificate on NGINX ensures a safe connection between your web server and browser. It encrypts the data transmitted over the internet so that it is only visible to the intended recipient.

If you have several NGINX servers, you need to buy and install SSL certificates on each server to activate the HTTPS protocol. To learn more about SSL certificates and how they work, check out our in-depth guide on SSL certificate types.

This article will show you how to install an SSL certificate on NGINX with simple, step-by-step instructions.

Tutorial on how to install SSL certificates on NGINX

Prerequisites

Install SSL Certificate NGINX Server Steps

This guide assumes you have already generated a certificate signing request and received your SSL certificate issued by a Certificate Authority (CA). If you are yet to obtain a certificate, follow our guide on generating a certificate signing request (CSR) and submitting it to a CA.

Step 1: Combine All Certificates into a Single File

You should have received your SSL certificate via email in the form of a .zip file. Once you download and extract the file, you will see it consists of a server certificate, a root certificate, and an intermediate certificate.

The first step is to combine all three files into one.

diagram showing Combines certificates into a single SSL bundle file

You can do this manually, by copying and pasting the content of each file in a text editor and saving the new file under the name ssl-bundle.crt.

You can also do this via command-line. The command to merge the certificates into one file will depend on whether you have separate intermediate files or if these files are inside a single .ca-bundle file.

a) If all three certificates are listed separately, use the command:

cat your_domain.crt intermediate.crt root.crt >> ssl-bundle.crt

b) If the intermediate certificates are in one bundle, run:

cat your_domain.crt your_domain.ca-bundle >> ssl-bundle.crt

Note: Make sure you save the ssl-bundle.crt file in the etc/ssl directory.

Step 2: Edit NGINX Configuration File

Next, configure the NGINX server block (AKA virtual host file) for your server.

If you don’t know the location of the file, run the command:

sudo find nginx.conf

Open the file to make the necessary modifications.

The easiest way to set up the configuration is to copy the original server module, paste it below, and edit the content.

  1. Start by specifying the server should listen to port 443: listen 443;
  2. Make sure the server block includes the line: ssl on;
  3. Define the path of the SSL certificate: ssl_certificate /etc/ssl/ssl-bundle.crt;
  4. Specify the directory where the SSL Certificate Key is located: /path/to/your_private.key;

The configuration file should look similar to the one below:

server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /path/to/your_private.key;
root /path/to/webroot;
server_name your_domain.com;
}
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /var/www/;
root  /home/www/public_html/your.domain.com/public/;
index index.html;
}
}

Save and exit the file.     Step 3: Restart NGINX Server  

For your configuration changes to take place, you need to restart your NGINX server. To do so, run the command:

sudo systemctl restart nginx

Step 4: Verify SSL Certificate

The best way to check you have successfully installed the SSL certificate on NGINX is to connect to your server via browser.

Open a browser of your choice and navigate to your domain using the https protocol:

https://your.domain.com

You should see a locked padlock verifying that the SSL certificate is now set up on your server. as in the image below:

Verify SSL certificate installation on Nginx with padlock symbol

Conclusion

If you have followed the outlined steps above, you should have installed an SSL Certificate on you NGINX server. Make sure to install separate certificates on each machine if you have more than one NGINX server.

Let’s Encrypt is a free certificate authority that allows you to set up protection on your NGINX server. Check out our article on how to set up Let’s Encrypt to secure your Nginx server.

How to Install SSL Certificate on NGINX

Installing an SSL certificate on NGINX is a relatively straightforward process. It requires a few steps, but once you understand the process, it can be completed quickly and easily. This guide will walk you through the process of installing an SSL certificate on NGINX.

Step 1: Generate a Certificate Signing Request (CSR)

The first step in the process is to generate a Certificate Signing Request (CSR). This is a file that contains information about your website and the domain name you are securing. It is used to generate the SSL certificate. To generate a CSR, you will need to use a tool such as OpenSSL. Once you have generated the CSR, you will need to submit it to the Certificate Authority (CA) that you are using to obtain the SSL certificate.

Step 2: Install the SSL Certificate

Once you have received the SSL certificate from the CA, you will need to install it on your NGINX server. To do this, you will need to copy the certificate and the private key to the server. Once you have done this, you will need to edit the NGINX configuration file to enable the SSL certificate. You will need to add the following lines to the configuration file:

ssl_certificate     /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;

Once you have added these lines, you will need to restart the NGINX server for the changes to take effect.

Step 3: Configure NGINX to Use the SSL Certificate

Once the SSL certificate is installed, you will need to configure NGINX to use it. To do this, you will need to add the following lines to the NGINX configuration file:

server {
    listen 443 ssl;
    ssl_certificate     /path/to/certificate.crt;
    ssl_certificate_key /path/to/private.key;
    ...
}

Once you have added these lines, you will need to restart the NGINX server for the changes to take effect.

Step 4: Test the SSL Certificate

Once you have installed and configured the SSL certificate, you will need to test it to make sure it is working properly. To do this, you can use a tool such as SSL Labs to test the SSL certificate. This will allow you to check for any errors or issues with the SSL certificate.

Conclusion

Installing an SSL certificate on NGINX is a relatively straightforward process. It requires a few steps, but once you understand the process, it can be completed quickly and easily. This guide has walked you through the process of installing an SSL certificate on NGINX.

Jaspreet Singh Ghuman

Jaspreet Singh Ghuman

Jassweb.com/

Passionate Professional Blogger, Freelancer, WordPress Enthusiast, Digital Marketer, Web Developer, Server Operator, Networking Expert. Empowering online presence with diverse skills.

jassweb logo

Jassweb always keeps its services up-to-date with the latest trends in the market, providing its customers all over the world with high-end and easily extensible internet, intranet, and extranet products.

Contact
San Vito Al Tagliamento 33078
Pordenone Italy
Item added to cart.
0 items - 0.00
Open chat
Scan the code
Hello 👋
Can we help you?