Ask a Question

Advanced Search

Solution ID : SO25653

Last Modified : 06/12/2019

Installation Instructions for Nginx server


This document provides instructions for installing SSL certificate on Nginx server.

Step 1: Download the SSL Certificate & Intermediate CA Certificate

  1. Download your certificate from the unique secure link we provide your technical contact via order fulfillment email.
  2. The ZIP file you downloaded contains the following certificates:
    Note: Select the server platform as Other when downloading the certificate.
    • SSL certificate (i.e. ssl_certificate.crt, also known as end entity certificate, public key certificate, digital certificate or identity certificate).
    • Intermediate CA certificate (i.e. IntermediateCA.crt, also known as chained certificate or signer/issuer of the SSL certificate).
  3. Unzip the files onto the server where you will install the certificate.

Step 2: Concatenate the SSL Certificate & Intermediate CA Certificate

  1. You need to concatenate the SSL certificate file  (i.e. ssl_certificate.crt as described in Step 1) and Intermediate CA certificate file (i.e. IntermediateCA.crt as described in Step 1) into a single concatenated file by running the following command:
    cat ssl_certificate.crt IntermediateCA.crt > your_domain_name.crt

Step 3: Edit the Nginx virtual hosts file

  1. Open your Nginx virtual host file for the website you are securing.
    Note: If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection.
  2. Make a copy of the existing non-secure server module and paste it below the original.

    Then add the lines in bold below:

    server {
    listen 443;

    ssl on;
    ssl_certificate /etc/ssl/your_domain_name.crt;  - Your ssl certificate combined with the intermediate ca certificate that you made previously on Step 2.
    ssl_certificate_key /etc/ssl/your_domain_name.key; - The private key file generated when you created the certificate signing request (CSR).

    access_log /var/log/nginx/nginx.vhost.access.log;
    error_log /var/log/nginx/nginx.vhost.error.log;
    location / {
    root /home/www/public_html/;
    index index.html;
  3. Run the following command to restart Nginx:

    sudo /etc/init.d/nginx restart

If you are unable to use these instructions for your server, Symantec recommends that you contact either the vendor of your software or an organization that supports Nginx.


Step 4: Verify certificate installation

  1. Verify your installation with the DigiCert Installation Checker



For additional information, see Nginx Support website.