Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • Making NGINX Server HTTPS Certified

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 482
    Comment on it

    Making NGINX Server HTTPS Certified


    For making a server HTTPS compatible, these steps can be followed if you are purchasing the SSL certificate from Godaddy:

    1. Purchase an SSL certificate from Godaddy.
    2. Now login to your server using SSH
    3. ssh -i pemkeypath user@serverip
      
    4. Generate a private key and CSR file using openssl
    5. openssl req -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr    
      #Change the yourdomain.com with your domain name
      
    6. Go to Godaddy and select your SSL certificate and click on setup and do as asked
    7. Now when asked paste the already generated CSR file and click on apply
    8. Now the verification process will start and from now follow the godaddy guidelines as they will prompt step by step, what is required next.
    9. For domain verification they may sent an HTML file that needs to be placed in server root folder and check whether it is opening appropriately as asked
    10. If not visible, change the permission of the file as public and reload again
    11. Again follow the instructions of Godaddy.
    12. Once the verification process is complete, you will get a zipped file to download. If you are using nginx or apache select apache and then download.
    13. Now once you extract the file, you will receive two .crt files :
      a. your SSL certificate which would have a random name
      b. Godaddy intermediate certificate bundle gd_bundle-g2-1.crt
    14. Rename your ssl certificate to your domain name i.e. yourdomain.com.crt and intermediate certificate to intermediate.crt
    15. Upload both the certificates to a secure location on server.
    16. For nginx you need to build a chained certificate by merging both the certificate files into on as:
    17.      cat yourdomain.com.crt intermediate.crt > yourdomain.com.chained.crt
      
    18. Modify the listen directive in your nginx config file
    19.     listen 443 ssl;
      
    20. Now change the server_name directive and add the paths of ssl chained certificate and ssl certificate key
    21.     server_name yourdomain.com;
          ssl_certificate /home/sammy/yourdomain.com.chained.crt;
          ssl_certificate_key /home/sammy/yourdomain.com.key;
      
    22. Change the protocols and ciphers
    23.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
          ssl_prefer_server_ciphers on;
          ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
      
    24. For redirecting all the http calls to https add the following lines in http section
    25.     server {
          listen 80;
          server_name yourdomain.com;
          rewrite ^/(.*) https://yourdomain.com/$1 permanent;
          }
      
    26. Now restart your server and your server is https now.

    27. For more blogs like this click here

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: