Create, upload and configure SSL cert for NGINX

  1. Generate  your SSL CSR to give your SSL provider
    openssl req -nodes -newkey rsa:2048 -keyout domainname.com.key -out domainname.com.csr</li>
    
    
    </ol>
    
    
    

    NOTES:
    Common name is the DOMAIN NAME

    then write

    cat domainname.com.csr
    

    copy the whole block including the last whitespaces from

    —-begin certificate request—–
    key
    —– end certificate request —– > cert_chain.crt

    paste that in to your SSL provied including whitespaces. Then when you followed the steps and downloaded your certficate

    concatenate them into a cert_chain.

     

    cat code_support.crt code_support.ca-bundle >> cert_chain.crt
    

    OBS! ORDER IS IMPORANT!
    then upload the bundle and the domain.crt together with the key to your home folder, through SFTP or like this in the terminal:

    scp domainkey.key user@domain:domain_com.key
    scp cert_chain.crt user@domain:cert_chain.crt
    scp domain.crt user@domain:domain.crt
    

    ssh till servern.. copy over the files to correct folder

    sudo cp domainkey.key /etc/ssl/domainkey.key
    sudo cp cert_chain.crt /etc/ssl/cert_chain.crt
    sudo cp domain.crt /etc/ssl/domain.crt
    
    rm domainkey.key
    rm cert_chain.crt
    rm domain.crt
    

    set up nginx to find the certificates and use SSL
    1.

    sudo nano /etc/nginx/sites-enabled/default
    

    uncomment

    listen 443 ssl default_server;
    
    listen [::]:443 default_server ipv6only=on;
    
    #add
    server_name domain.com;
    #add SSL config
    
    server_name domain.com;
    
    ssl_certificate /etc/ssl/cert_chain.crt;
    
    ssl_certificate_key /etc/ssl/domain.com.key;
    #uncomment
    error_page 500 502 503 504 /50x.html;
    
    location = /50x.html {
    
    &nbsp;
    
    root /usr/share/nginx/html;
    
    }
    
    add redirects to the bottom:
    
    server {
    
    listen 80;
    
    server_name domain.com;
    
    rewrite ^/(.*) https://domain.com/$1 permanent;
    
    }
    
    server {
    
    listen 443 ssl;
    
    server_name www.domain.com;
    
    return 301 $scheme://domain.com$request_uri;
    
    }
    

    ctrl x

    y for saving

    sudo nginx -t
    

    if successful

    
    sudo service nginx restart
    

Add your comment