Notes of a Pragmatic Geek

by Daniel Khan

Setting up SSL with Nginx

This snipped describes the SSL setup on a typical linux system like ubuntu.

cd /etc/nginx/
mkdir ssl

cd ssl

# prepare some directories
mkdir crt
mkdir csr
mkdir key

cd key
sudo openssl genrsa -des3 -out server.key 2048
# you have to set the passphrase

# now remove the passphrase
sudo openssl rsa -in server.key -out server.key

# create the csr
cd /etc/nginx/ssl/csr
sudo openssl req -new -key ../key/server.key -out server.csr
# follow the dialogue - make sure that the FQDN exactly matches the domain name the certificate is for 
# don't set a password

cat server.csr

#  copy and paste the csr, go straight to a certification authority, give them money and get a cert
#  create a file server.crt inside /etc/nginx/ssl/crt and put the certificate text in it
# add this to your server config in nginx

listen   443;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;


Leave a Reply

Your email address will not be published. Required fields are marked *