Ask a Question

Solution ID : SO25653

Last Modified : 05/18/2018

Installation Instructions for Nginx server

Solution

This document provides instructions for installing SSL certificate on Nginx server.
 

Step 1: Download the SSL Certificate & Intermediate CA Certificate

  1. Download your certificate from the unique secure link we provide your technical contact via order fulfillment email.
  2. The ZIP file you downloaded contains the following certificates:
    Note: Select the server platform as Other when downloading the certificate.
    • SSL certificate (i.e. ssl_certificate.crt, also known as end entity certificate, public key certificate, digital certificate or identity certificate).
    • Intermediate CA certificate (i.e. IntermediateCA.crt, also known as chained certificate or signer/issuer of the SSL certificate).
  3. Unzip the files onto the server where you will install the certificate.


Step 2: Concatenate the SSL Certificate & Intermediate CA Certificate

  1. You need to concatenate the SSL certificate file  (i.e. ssl_certificate.crt as described in Step 1) and Intermediate CA certificate file (i.e. IntermediateCA.crt as described in Step 1) into a single concatenated file by running the following command:
    cat ssl_certificate.crt IntermediateCA.crt > your_domain_name.crt


Step 3: Edit the Nginx virtual hosts file

  1. Open your Nginx virtual host file for the website you are securing.
    Note: If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection.
  2. Make a copy of the existing non-secure server module and paste it below the original.

    Then add the lines in bold below:

    server {
    listen 443;

    ssl on;
    ssl_certificate /etc/ssl/your_domain_name.crt;  - Your ssl certificate combined with the intermediate ca certificate that you made previously on Step 2.
    ssl_certificate_key /etc/ssl/your_domain_name.key; - The private key file generated when you created the certificate signing request (CSR).

    server_name your.domain.com;
    access_log /var/log/nginx/nginx.vhost.access.log;
    error_log /var/log/nginx/nginx.vhost.error.log;
    location / {
    root /home/www/public_html/your.domain.com/public/;
    index index.html;
    }
    }
     
  3. Run the following command to restart Nginx:

    sudo /etc/init.d/nginx restart
     

If you are unable to use these instructions for your server, Symantec recommends that you contact either the vendor of your software or an organization that supports Nginx.

 

Step 4: Verify certificate installation

  1. Verify your installation with the Symantec Installation Checker

 

Nginx

For additional information, see Nginx Support website.