Skip to content

Instantly share code, notes, and snippets.

@InAnimaTe

InAnimaTe/gist:2e2b1058af02d3ac2033

Last active August 29, 2015 14:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save InAnimaTe/2e2b1058af02d3ac2033 to your computer and use it in GitHub Desktop.
Save InAnimaTe/2e2b1058af02d3ac2033 to your computer and use it in GitHub Desktop.
Download ZIP
PositiveSSL Setup on Nginx
Raw
gistfile1.md
  • UPDATE: I have edited the below method to not include the AddTrustExternalCARoot.crt as part of the trusted certificate since, to my knowledge (and most people on the web), this cert should already exist in the clients' browser.
unzip scriptthe_net.zip
cat scriptthe_net.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl_certificate
cat COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl_trusted_certificate

This is how I setup my ssl keys for nginx. The file im catting them to is the associated configuration parameter in your server config. You'll define it like so:

ssl_certificate_key /etc/nginx/ssl/domain.key;
ssl_certificate /etc/nginx/ssl/domain.crt;
ssl_trusted_certificate /etc/nginx/ssl/trust.crt;

The key is self explanatory; its merely the key you generated when you first generated your csr+key pair

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment