Setting SSL Comodo on Nginx CentOS 6

  1. to purchase SSL with current information
    open Terminal
  2. openssl req -new -newkey rsa:2048 -nodes -keyout www_something_com.key -out www_something_com.csr

    www_something_com.key = information system for nginx configuration
    www_something_com.csr = current CSR (Certificate Signing Request)

  3. to get an email with PositiveSSL Certificate in zip format contains :

    AddTrustExternalCARoot.crt = Root CA Certificate
    COMODORSAAddTrustCA.crt = Intermediate CA Certificate
    COMODORSADomainValidationSecureServerCA.crt = Intermediate CA Certificate
    www_something_com.crt (that submitted) = PositiveSSL Certificate

  4. to combine all certificate into one file certificate
  5. cat www_something_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-combine.crt

  6. to store certificate into specified folder
  7. mkdir -p /etc/nginx/ssl/www_something_com/
    mv ssl-combine.crt /etc/nginx/ssl/www_something_com/

  8. to move private key in the same folder with certificate folder
  9. mv www_something_com.key /etc/nginx/ssl/www_something_com/

  10. to point nginx config to the right cert file and to the private key
  11. server {
    listen 443;

    ssl on;
    ssl_certificate /etc/nginx/ssl/www_something_com/ssl-combine.crt;
    ssl_certificate_key /etc/nginx/ssl/www_something_com/www_something_com.key;

    }

  12. to restart nginx
  13. service nginx restart

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s