Here is the guide to show you how to install the Comodo SSL certificate in Nginx.
- Order Comodo Certificate. And received the Certificate files.
I don’t discuss how to get it, where to get it. It is another topic. You will receive following files.
Positive SSL certificate, it is a zip file emailed to you. Unzip it and get four files.
- Root CA Certificate – AddTrustExternalCARoot.crt
- Intermediate CA Certificate – COMODORSAAddTrustCA.crt
- Intermediate CA Certificate – COMODORSADomainValidationSecureServerCA.crt
- Your PositiveSSL Certificate – www_example_com.crt (or the subdomain you gave them)
- Make the file for Nginx
cat www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt > your_domain_crt.pem
I just need your certificate and intermediate certificates. Root is already installed in every single computer or browser. The order of certificates is important.
- Save this file into the place you want Nginx use
mv your_domain_crt.pem /etc/nginx/ssl/
- Save your private key in the same place
mv your_domain_key.pem
- Make sure your Nginx config file looks like below
server { listen 443 ssl; ssl_certificate /etc/nginx/ssl/your_domain_crt.pem; ssl_certificate_key /etc/nginx/ssl/your_domain_key.pem; # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ... }
- Reload Nginx and check if it works by enter https://www.your_domain.com/