how to install ssl for nginx with core ubuntu

SSL Installation for NGINX with Core Ubuntu

To generate a CSR on Ubuntu (Nginx), please do the following:

Step 1 – Access your server via your terminal client (ssh). The first step will be generating the private key.  At the prompt, type:

openssl genrsa -out [private-key-file.key] 2048

Step 2 – Now, the private key has been generated, run the below command to generate the CSR.

openssl req -new -key [private-key-file.key] -out [CSR-file.txt]

Country Name (C): Use the two-letter code without punctuation for country.

– Country Name (C): Use the two-letter code without punctuation for the country.
– State or Province (S): Spell out the state completely; do not abbreviate the state or province name.
– Locality or City (L): The Locality field is the city or town name.
– Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example, XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
– Organizational Unit (OU): This field is the name of the department or organization unit making the request.
– Common Name (CN): The Common Name is the Host + Domain Name. 
– Optional Fields: When prompted, please do not enter your email address, challenge password or an optional company name when generating the CSR.  Pressing Enter/Return will leave these fields blank.

Step 3 – Your CSR file will then be created.

Step 4 – Proceed to Enrollment and paste the CSR in the enrollment form when required.

Now You have to Submit CSR to purchase SSL certificates when you purchase the following certificates make sure to this below steps.

You will get  3 files in certificates, one is .crt second is CA.crt and third will be the .key file.

Now Create a new file “domain-name.crt” on your server and paste the content of the .crt file on that, then create a file domain-name CA.crt and paste the content of CA.crt file in that, the create a file domain-name.key and paste the content of the .key file in that.

# vi domain-name.crt
# vi domain-nameCA.crt
# vi domain-name.key

Merge the primary and intermediate certificates

Step 1 – You need to concatenate your primary certificate file (.crt) and the intermediate certificate file (CA.crt) into a single .pem file.

Step 2 – To concatenate the files, run the following command:

cat domain-name.crt domain-nameCA.crt >> bundle.crt

Now go to the SSL folder on your server.

cd /etc/ssl/

Now move the certificates and key file to this folder.

# mv /root/domain-name.crt /etc/ssl/
# mv /root/domain-nameCA.crt /etc/ssl/
# mv /root/domain-name.key /etc/ssl/
# mv /root/bundle.crt /etc/ssl/

Now go to the Config file of Nginx of your domain.

# cd /etc/nginx/sites-available/

Now add the Below Lines in this file

listen 443 ssl;
ssl    on;
ssl_certificate    /etc/ssl/bundle.crt;
ssl_certificate_key    /etc/ssl/domain-name.key;

Save the file and then restart the NGINX service.


Restart NGINX

Moiz Ezzy

Moiz is a Server Engineer at RackBank Datacenters Pvt. Ltd.

How to create backup disk and configure in proxmox
How to Configute MongoDB

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2013-2021 RackBank© Datacenters Pvt. Ltd.

Data Center in India

Rated 4.7/5 based on 31 reviews at Google+