Create, upload and configure SSL cert for NGINX

openssl req -nodes -newkey rsa:2048 -keyout domainname.com.key -out domainname.com.csr</li>


</ol>

NOTES:
Common name is the DOMAIN NAME

then write

cat domainname.com.csr

copy the whole block including the last whitespaces from

—-begin certificate request—–
key
—– end certificate request —– > cert_chain.crt

paste that in to your SSL provied including whitespaces. Then when you followed the steps and downloaded your certficate

concatenate them into a cert_chain.

cat code_support.crt code_support.ca-bundle >> cert_chain.crt

OBS! ORDER IS IMPORANT!
then upload the bundle and the domain.crt together with the key to your home folder, through SFTP or like this in the terminal:

scp domainkey.key user@domain:domain_com.key
scp cert_chain.crt user@domain:cert_chain.crt
scp domain.crt user@domain:domain.crt

ssh till servern.. copy over the files to correct folder

sudo cp domainkey.key /etc/ssl/domainkey.key
sudo cp cert_chain.crt /etc/ssl/cert_chain.crt
sudo cp domain.crt /etc/ssl/domain.crt

rm domainkey.key
rm cert_chain.crt
rm domain.crt

…

set up nginx to find the certificates and use SSL
1.

sudo nano /etc/nginx/sites-enabled/default

uncomment

listen 443 ssl default_server;

listen [::]:443 default_server ipv6only=on;

#add
server_name domain.com;
#add SSL config

server_name domain.com;

ssl_certificate /etc/ssl/cert_chain.crt;

ssl_certificate_key /etc/ssl/domain.com.key;
#uncomment
error_page 500 502 503 504 /50x.html;

location = /50x.html {

 

root /usr/share/nginx/html;

}

add redirects to the bottom:

server {

listen 80;

server_name domain.com;

rewrite ^/(.*) https://domain.com/$1 permanent;

}

server {

listen 443 ssl;

server_name www.domain.com;

return 301 $scheme://domain.com$request_uri;

}

ctrl x

y for saving

sudo nginx -t

if successful

sudo service nginx restart