Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Installing SSL Certificates for Nginx on Ubuntu

DZone's Guide to

Installing SSL Certificates for Nginx on Ubuntu

In this post, we provide a quick tutorial on a key aspect of web and network security: how to install SSL certificates to your server.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

Purchasing an SSL certificate requires creating a Certificate Signing Request (CSR) which you can do on your host using the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

When you purchase your certificate from your vendor, you'll provide the text content from your CSR file. Once you have the certificate files (normally a .crt and a .key file), transfer them to your server, and place them somewhere like /etc/ssl-certs/.

In your /etc/nginx/nginx.conf (or /etc/nginx/sites-enabled/default), add to the server { } block:

server {
listen 443 ssl;
ssl on;
ssl_certificate     /etc/ssl-certs/yourdomain_com.crt;
ssl_certificate_key /etc/ssl-certs/yourdomain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

  # rest of server config
}

Restart Nginx with:

sudo service nginx restart

This is documented in the Nginx docs here.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

Topics:
security ,ssl/tls ,network security ,web security

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}