Skip to content

Instantly share code, notes, and snippets.

@prellele
Created February 14, 2012 10:48
  • Star 30 You must be signed in to star a gist
  • Fork 13 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save prellele/1825744 to your computer and use it in GitHub Desktop.
Using StartSSL Certs with Nginx-Webserver

NOTE: You can check, if your config here:
http://www.sslshopper.com/ssl-checker.html

Decrypt the private key using the password you entered when you created your key:
openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key

Protect your key from prying eyes:
chmod 600 /etc/nginx/conf/ssl.key

Fetch StartSSL’s root CA and class 1 intermediate server CA certificates:
wget http://www.startssl.com/certs/sub.class1.server.ca.pem

Create a unified certificate from your certificate and the CA certificates:
cat ssl.crt sub.class1.server.ca.pem > /etc/nginx/conf/ssl-unified.crt

Configure your nginx server to use the new key and certificate (in the global settings or a server section):
ssl on;
ssl_certificate /etc/nginx/conf/ssl-unified.crt;
ssl_certificate_key /etc/nginx/conf/ssl.key;

Now reload Nginx configuration

@purcell
Copy link

purcell commented Jan 10, 2014

Very helpful - thanks for this!

@psgganesh
Copy link

Thanks :) 👍

@jeewangue
Copy link

Thanks!! :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment