Ask a Question

Installation instructions for Nginx Server

Solution

This document provides installation instructions for Nginx server. If you are unable to use these instructions for your server, RapidSSL recommends that you contact the server vendor or the organization, which supports Nginx.

Step 1: Obtain the RapidSSL Certificate

  1. Download RapidSSL Certificate.  Please select "Other" / "X.509" as the platform when downloading.


Step 2: Concatenate the SSL and Intermediate CA Certificate

  1. You need to combine the Server certificate (SSL_Certificate.crt) file and the Intermediate CA Certificate (intermediateCA.crt) into a single concatenated file
  2. To get a single concatenated file out of the Intermediate CA and the SSL Certificate run the following command:

    cat intermediateCA.crt >> SSL_Certificate.crt

    NOTE:
    The file names above should have been received within a .ZIP file from the RapidSSL Security Center account.  If the certificate was delivered from another location, then the file names should be updated to the names of the local certificates files that are being used.
     


Step 3: Edit the Nginx virtual hosts file

  1. Open your Nginx virtual host file for the website you are securing.

    NOTE:  If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection.
     
  2. Make a copy of the existing non-secure server module and paste it below the original.

    Then add the lines in bold below:

    server {
    listen 443;

    ssl on;
    ssl_certificate /etc/ssl/[concatenated file];
    ssl_certificate_key /etc/ssl/[private key file];


    server_name your.domain.com;
    access_log /var/log/nginx/nginx.vhost.access.log;
    error_log /var/log/nginx/nginx.vhost.error.log;
    location / {
    root /home/www/public_html/your.domain.com/public/;
    index index.html;
    }
    }

     
  3. Adjust the file names to match your certificate files:

    ssl_certificate should be your concatenated file created in Step 3
    ssl_certificate_key
    should be the key file generated when you created the CSR.
     
  4. Restart Nginx. Run the following command to restart Nginx:

    sudo /etc/init.d/nginx restart
     
  5. You can verify the certificate installation using the  RapidSSL Installation Checker