SSL Installation Guide for Nginx Web Server

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)

SSL Certificates Installation Guideline for Nginx Web Server

First of all, create a ‘Certificate Bundle’ to get started with the procedure of SSL installation in Nginx. For creating the bundle, each certificate (SSL certificate, Intermediate certificate and Root certificate) needs to be in the PEM format.

  • In a plain text editor, open each certificates.
  • Now proceed by creating a new document in a plain text editor.
  • Your SSL Certificate
  • Intermediate SSL certificate
  • Root SSL Certificate

This completes your file and its format should be as follows:

#Your SSL Certificate#
#Intermediate Certificate#
#Root Certificate#

This newly-created certificate bundle should be saved in a ‘.crt’ format.
After saving it properly, upload the certificate bundle along with the private key to a directory on the Nginx server.
After that, edit the Nginx virtual hosts file.

For that, open the Nginx virtual host file for the website you intend to secure. In case you want your site to be accessible through both, secure (https) and non-secure (http) connections, you need to have a server module for each connection type.

Now proceed by making a copy of the existing non-secure module and pasting it below the original. Add the lines in the format given below:

listen 443;
ssl on;
ssl_certificate /etc/ssl/your_domain.crt;
ssl_certificate_key /etc/ssl/your_domain.key;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/;
index index.html;

Please note it is very important to make sure you adjust the file names so as to match your certificate files.

  • Ssl_certificate should be your primary certificate which is combined with the root and intermediate certificate bundle created in previous steps. For example, your_domain.crt.
  • When you generate the CSR, ssl_certificate_key should be the key file that is created.
  • Now restart Nginx.
sudo /etc/init.d/nginx restart


NGINX Wildcard SSL Certificates

RapidSSL Logo
NGINX Wildcard SSL Certificate allows multiple servers subdomains security with single SSL certificate.