Nginx SSL – Generate chained.crt

 

To generate chained.crt file you need following 2 files:

  • server.crt(other name yoer_domain_name.crt)
  • IntermediateCA.crt

Concatenate above 2 files in the same order to generate chained.crt file.

$ cat server.crt IntermediateCA.crt > chained.crt

Add these 2 lines in Nginx config:

ssl_certificate    /etc/nginx/ssl/chained.crt
ssl_certificate_key    /etc/nginx/ssl/your_domain_name.key;

Once it is done restart the Nginx.

Nginx – Deploy SSL certificate

 

These steps are used to to deploy SSL certificate issued by digicert.

Before starting make sure that you download ssl certificate issued by digicert.

Now create single file by concatenating  your_domain_com.crt and DigiCertCA.crt, name it as chained.crt

You can use following command to generate chained.crt

$ cat your_domain_com.crt DigiCertCA.crt > chained.crt

chained.crt file is used as ssl_certificate in nginx in this case.

Now configure nginx virtual hosts file for the website you wanted to secure as shown below:

server {

 listen 443 ssl default_server;
 ssl_certificate    /etc/nginx/ssl/chained.crt
 ssl_certificate_key    /etc/nginx/ssl/your_domain_name.key;

 server_name your.domain.com;

 access_log /var/log/nginx/access.log;
 error_log /var/log/nginx/error.log;

 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
}

}

Finally restart nginx.

 

$ service nginx restart

After restarting your website can be accessed with https.