TLS certificate installation on an Nginx server

This help article describes how to install an TLS certificate on an Nginx server and then configure it.

Create a key file

The issued TLS certificate is delivered by email. The certificate arrives in text form encoded in Base64 format. Change the extension to .crt and copy the file to your server.

The Intermediate certificate, which you need for the certificate's trust, must be joined to one file with the leaf TLS certificate. This is the difference between Nginx and other servers, such as Apache.

Combine the two files (certificate and intermediate certificate) into one PEM file with the following command:
cat intermediate_cert.crt >> leaf_ssl_certificate.crt
The server certificate must go in the file first, followed by one or more intermediate certificates.

Server configuration

Now you need to edit the virtual host file of the Nginx server. Open this file and edit it.

  • server {
  • listen 443;
  • ssl on;
  • ssl_certificate /etc/ssl/joined_certificates.pem; (combination of two files, see above)
  • ssl_certificate_key /etc/ssl/private_key.key;
  • server_name your.domain.com;
  • access_log /var/log/nginx/nginx.vhost.access.log;
  • error_log /var/log/nginx/nginx.vhost.error.log;
  • location / {
  • root /home/www/public_html/your.domain.com/public/;
  • index index.html;
  • }
  • }

Restart the Nginx with command sudo /etc/init.d/nginx restart

Is everything alright? Check the certificate installation in our simple tool. For more information read the article Check installation of TLS certificate.


Pomoc s SSL certifikáty

Are you lost?

Write us
info@sslmarket.co.uk
Contact form