Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Installing SSL Certificates for Nginx on Ubuntu

DZone's Guide to

Installing SSL Certificates for Nginx on Ubuntu

In this post, we provide a quick tutorial on a key aspect of web and network security: how to install SSL certificates to your server.

· Security Zone ·
Free Resource

Protect your applications against today's increasingly sophisticated threat landscape.

Purchasing an SSL certificate requires creating a Certificate Signing Request (CSR) which you can do on your host using the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

When you purchase your certificate from your vendor, you'll provide the text content from your CSR file. Once you have the certificate files (normally a .crt and a .key file), transfer them to your server, and place them somewhere like /etc/ssl-certs/.

In your /etc/nginx/nginx.conf (or /etc/nginx/sites-enabled/default), add to the server { } block:

server {
listen 443 ssl;
ssl on;
ssl_certificate     /etc/ssl-certs/yourdomain_com.crt;
ssl_certificate_key /etc/ssl-certs/yourdomain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

  # rest of server config
}

Restart Nginx with:

sudo service nginx restart

This is documented in the Nginx docs here.

Rapidly detect security vulnerabilities in your web, mobile and desktop applications with IBM Application Security on Cloud. Register Now

Topics:
security ,ssl/tls ,network security ,web security

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}