Install SSL Certificate

How to Install RapidSSL Certificate?

Posted on by mjrj9

Steps to Install RapidSSL Certificate on NGINX Server

Initial Checklist

Before Installing RapidSSL Certificate please ensure following processes have been completed

  • Buy/renew RapidSSL SSL Certificate
  • Generate CSR with SHA-2 algorithm
  • Save the CSR & Private key file on your server
  • Apply for SSL Certificate Issuance

Step 1: Store RapidSSL Certificate Files

After quick domain verification, RapidSSL will provide your SSL certificate via email included with a *.zip file. Download that zip file and extract it on your server directory. This zip file contains server certificate, root certificate and intermediate certificate.

Step 2: Create new domain.crt & Intermediate.crt file

  • Open the server certificate using any text editor
  • Cope all the encrypted data starting from ‘—–BEGIN CERTIFICATE—–‘to ‘——END CERTIFICATE—–‘.
  • Paste this data into a new text file and give this file name as crt. 

Note: We have used ‘domain.crt’ file name just for demonstration purpose, you can give any name to the server certificate file.

Following the same way create a new file for intermediate certificate and give it a name as Intermediate.crt

Step 3: Combine the Server & Intermediate certificate files.

To combine Server & intermediate certificate files use following piece of code

cat intermediate.crt >> SSL.crt

Make sure the extension of the combined file should be .pem.

Step 4: NGINX virtual host file editing

  • Open the NGINX virtual-host file for the website which you wish to secure.
  • Create a copy of the existing server module of virtual-host file and paste it into the original source.
  • Now add following piece of code under server module
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/your_SSL.crt;
ssl_certificate_key /etc/ssl/your_domain_name.key;

server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {

root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}

Note: here is the above code ssl_certificate is the .pem file that you’ve created under step 3, ssl_certificate_key is the certificate key file you’ve received during CSR generation process. So you need to add the correct file name & path which you’ve created.

  • Use sudo /etc/init.d/nginx restart command to restart your NGINX server.
  • Your RapidSSL Certificate is now installed on your NGINX server.
mjrj9

Leave a Reply

Your email address will not be published. Required fields are marked *