-
-
Save singhabhinav/132b8196abac026b43fa to your computer and use it in GitHub Desktop.
| Step 1 - Create .crt file | |
| cat domainname.crt domainname.ca-bundle > domainname-ssl-bundle.crt | |
| Step 2- | |
| Add lines for ssl_certificate in nginx configuration | |
| server { | |
| listen 80 default_server; | |
| listen [::]:80 default_server ipv6only=on; | |
| listen 443 ssl; | |
| ssl_certificate /etc/ssl/certs/domainname-ssl-bundle.crt; | |
| ssl_certificate_key /etc/ssl/private/domainname.key; | |
| ssl_session_timeout 5m; | |
| ssl_protocols SSLv3 TLSv1; | |
| ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; | |
| ssl_prefer_server_ciphers on; | |
| } |
Ty dude
Hello:
I haven't the file key, just i have crt and ca-bundle, how to fix this on nginx?
can you share me how to config nignx with crt and bundle ?
you need to break line after -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- of every chain otherwise won't work, so only cat not enough
you need to break line after -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- of every chain otherwise won't work, so only cat not enough
Thanks!
merge the cabundle and certificate into one file
cat cert.pem cabundle.pem >> combined.pem
and set ssl_certificate to 'combined.pem'
omg, thank you!!!! My first time dealing with a certificate, it was straightforward and easy but certainly not when your trying to figure things out the first time lol. Lots of varying issues along the way. All a learning lesson, should have the process down now. Your gist saved me further headache on this lol.
Muchos gracias!!
I have .crt file and .ca-Bundle.
but when i configure it according to all above steps it is giving me errot :
cannot load certificate key : PEM_read_bio_PrivateKey() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY)
I don't have Key file i have only two files mention above.
So please let me know what is wrong.
I have .crt file and .ca-Bundle.
but when i configure it according to all above steps it is giving me errot :
cannot load certificate key : PEM_read_bio_PrivateKey() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY)
I don't have Key file i have only two files mention above.
So please let me know what is wrong.
Hi, do you managed to do this?
I have .crt file and .ca-Bundle. but when i configure it according to all above steps it is giving me errot : cannot load certificate key : PEM_read_bio_PrivateKey() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY) I don't have Key file i have only two files mention above. So please let me know what is wrong.
The private key should have been created when you generated your CSR.
I have .crt file and .ca-Bundle. but when i configure it according to all above steps it is giving me errot : cannot load certificate key : PEM_read_bio_PrivateKey() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY) I don't have Key file i have only two files mention above. So please let me know what is wrong.
Hi, this helped me - https://stackoverflow.com/a/31736141
TLDR
Mine was ----BEGIN RSA PRIVATE KEY----- vs -----BEGIN RSA PRIVATE KEY-----, it was missing a - character.
Took me an hour to notice the problem.
Hope it helps.
Hello:
I haven't the file key, just i have crt and ca-bundle, how to fix this on nginx?