Install your SSL certificate on a Nginx web server
This is a short guide (mostly for myself and my team) on how to install SSL certificate on a Nginx web server.
Normally we buy a certificate from either a provider or a reseller. The process is pretty straightforward.
First, we have to generate so-called Certificate Signing Request (CSR) and a private key.
In order to do this, you can either use specialized software like OpenSSL or some kind of online generator (for instance, https://csrgenerator.com/).
Once you have CSR and a private key you need to submit the former to your Certificate Authority (CA) for signing.
As a result, you get your primary certificate in .crt file and the corresponding certificate chain in . bundle-ca file that contains root and intermediate certificates.
The primary certificate won’t work by itself. You need to combine it with its certificate chain before you can start using it.
Let’s assume we have wissance_com.crt, wissance_com.bundle-ca and wissance_com.key. On Linux, we can use the following command to combine them into a single CRT file:
cat wissance_com.crt wissance_com.ca-bundle >> wissance_com_merged.crtNow that your certificate chain is complete, you can install it on a Nginx web server:
server {
listen 443;
ssl on;
server_name wissance.com;
ssl_certificate /etc/nginx/ssl/wissance.com/2020–2021/wissance_com_merged.crt;
ssl_certificate_key /etc/nginx/ssl/wissance.com/2020–2021/wissance_com.key;