Skip to content

Instantly share code, notes, and snippets.

Created August 27, 2014 13:10
Show Gist options
  • Save thor48/581d9f33ca9c773fbdde to your computer and use it in GitHub Desktop.
Save thor48/581d9f33ca9c773fbdde to your computer and use it in GitHub Desktop.
SSL & NGINX - GoDaddy
nginx and Go Daddy SSL certificates
Generate the CSR:
1 openssl genrsa 2048 >
2 openssl req -new -key >
Enter in whatever you want - you NEED the "Common Name" everything else is not really required for it to work.
01 Country Name (2 letter code) [AU]:US
02 State or Province Name (full name) [Some-State]:.
03 Locality Name (eg, city) []:.
04 Organization Name (eg, company) [Internet Widgits Pty Ltd]:Something Here
05 Organizational Unit Name (eg, section) []:.
06 Common Name (eg, YOUR name) []
07 Email Address []:.
09 Please enter the following 'extra' attributes
10 to be sent with your certificate request
11 A challenge password []:
12 An optional company name []:
Paste the CSR into Go Daddy, get back the .crt file
Combine the cert + Go Daddy chain:
1 cat gd_bundle.crt >
Lastly, in nginx.conf:
1 ssl_certificate /etc/nginx/certs/;
2 ssl_certificate_key /etc/nginx/certs/;
Additionally I have these SSL tweaks which seems to maintain a better SSL experience, passes McAfee Secure's SSL checks, etc.:
1 ssl on;
2 ssl_protocols SSLv3 TLSv1;
3 ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
4 ssl_session_cache shared:SSL:10m;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment