Created
June 4, 2018 17:18
-
-
Save emprit1988/d35ad80368d0b9bf17dfc93fcd66ab62 to your computer and use it in GitHub Desktop.
Install Entrust SSL in NGINX Server running in Ubuntu 14.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Step 1: Create chained certificate with the provided crt files. Ordering is important. | |
| ~$ cat Server.crt Intermediate.crt Root.crt > Chained_certificate.crt | |
| Step 2: Format the concatenation | |
| The crt file should Follow the syntax | |
| -----Start Certificate----- | |
| ############################ | |
| ############################ | |
| -----End Certificate----- | |
| If you find any lines like -----End Certificate----------Start Certificate----- you need to fix this manually in | |
| the above mentioned format. | |
| Step 3: Generate pem file from chained certificate | |
| ~$ openssl x509 -in Chained_certificate.crt -out x_domain.pem -outform PEM | |
| Note: ensure crt file is formatted correctly, or you'll get error. | |
| Step 3: Create a folder and move files | |
| Now create a folder in /etc/nginx/ssl and move the pem file and the private key used during csr generation. | |
| Step 4: Enable HTTPS configuration in nginx /etc/nginx/sites-enabled/default | |
| server{ | |
| ..... | |
| ..... | |
| server_name x_domain.com; | |
| ssl_certificate /etc/nginx/ssl/x_domain.pem; | |
| ssl_certificate_key /etc/nginx/ssl/safe_private.key; | |
| ..... | |
| } | |
| Step 5: Restart nginx server | |
| ~$ sudo service nginx restart | |
| this should restart service successfully, if this doesn't work as expected, | |
| look into /var/log/nginx/error.log to find the reason. | |
| Note: ensure you enable port 443 to public access and start accessing the site in https. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment