Here is the guide to show you how to install the Comodo SSL certificate in Nginx.

  1. Order Comodo Certificate. And received the Certificate files.
    I don’t discuss how to get it, where to get it. It is another topic. You will receive following files.
    Positive SSL certificate, it is a zip file emailed to you. Unzip it and get four files.
    PositiveSSL-Shalom-Campus1

    • Root CA Certificate – AddTrustExternalCARoot.crt
    • Intermediate CA Certificate – COMODORSAAddTrustCA.crt
    • Intermediate CA Certificate – COMODORSADomainValidationSecureServerCA.crt
    • Your PositiveSSL Certificate – www_example_com.crt (or the subdomain you gave them)
  2. Make the file for Nginx
    cat  www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt > your_domain_crt.pem 

    I just need your certificate and intermediate certificates. Root is already installed in every single computer or browser. The order of certificates is important.

  3. Save this file into the place you want Nginx use
    mv your_domain_crt.pem /etc/nginx/ssl/
  4. Save your private key in the same place
    mv your_domain_key.pem
  5. Make sure your Nginx config file looks like below
    server {
    listen 443 ssl;
    
    ssl_certificate /etc/nginx/ssl/your_domain_crt.pem;
    ssl_certificate_key /etc/nginx/ssl/your_domain_key.pem;
    
    # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
    # ...
    
    }
  6. Reload Nginx and check if it works by enter https://www.your_domain.com/

David Yin

David is a blogger, geek, and web developer — founder of FreeInOutBoard.com. If you like his post, you can say thank you here

Leave a Reply

Your email address will not be published. Required fields are marked *