Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Using StartSSL Certs with Nginx-Webserver

NOTE: You can check, if your config here:
http://www.sslshopper.com/ssl-checker.html

Decrypt the private key using the password you entered when you created your key:
openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key

Protect your key from prying eyes:
chmod 600 /etc/nginx/conf/ssl.key

Fetch StartSSL’s root CA and class 1 intermediate server CA certificates:
wget http://www.startssl.com/certs/sub.class1.server.ca.pem

Create a unified certificate from your certificate and the CA certificates:
cat ssl.crt sub.class1.server.ca.pem > /etc/nginx/conf/ssl-unified.crt

Configure your nginx server to use the new key and certificate (in the global settings or a server section):
ssl on;
ssl_certificate /etc/nginx/conf/ssl-unified.crt;
ssl_certificate_key /etc/nginx/conf/ssl.key;

Now reload Nginx configuration

@purcell

This comment has been minimized.

Copy link

commented Jan 10, 2014

Very helpful - thanks for this!

@psgganesh

This comment has been minimized.

Copy link

commented Nov 17, 2015

Thanks :) 👍

@jeewangue

This comment has been minimized.

Copy link

commented Sep 6, 2016

Thanks!! :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.