Once the CA has shared the certificate files with you, it’s time to install them on your server! The steps below detail the installation process. We also will take a look at the configurations that need to be tweaked in order to get HTTPS up and running.
1. Connect to the ServerConnect to your Nginx server (from which you generated the CSR) via FTP or SSH using a privileged account.
2. Copy All of the Certificate FilesCopy all the files in the certificate package that was shared by the CA and place them in the appropriate directories. It’s recommended to store them under the “/etc/ssl” directory on your server.
3. Combine the Primary and Intermediate CertificatesFor the next step, run the following command to concatenate your primary and intermediate certificates:
cat your_domain_name.crt intermediate.crt >> bundle.crt
4. Edit the Nginx Virtual Hosts FileNext, edit your virtual host files to reroute connections through port 443 by adding the code snippet given below in bold:
5. Restart Nginx.server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/your_domain_name.pem; (or bundle.crt)
ssl_certificate_key /etc/ssl/your_domain_name.key;
server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}
Restart your server using the following command:
sudo /etc/init.d/nginx restart