ssls.com with NGINX
mkdir /etc/ssl/ssls/
cd /etc/ssl/ssls/
openssl req -nodes -newkey rsa:2048 -keyout site_name.key -out site_name.csr
When last command asks for CN
use your domain name, it is important. For example:
mydomain.com
- for single domains*.mydomain.com
- for wildcard domains
Copy csr
and paste to ssls.com
cat site_name.csr
When your get your archieve doma.in.zip
extract it in /etc/ssls/
and do
for f in site_name.crt site_name.ca-bundle ; do cat $f; echo;
done > ssl-bundle.crt
Next you can add to your nginx
server:
ssl on;
ssl_certificate /etc/ssl/ssls/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssls/site_name.key;
Note. If you created key with PEM passphrase when you executed openssl req
(it will happen if you will not pass -nodes
key), then not forget to remove it from .key
before using in nginx
openssl rsa -in /etc/ssl/ssls/site_name.key -out /etc/ssl/ssls/site_name_no_pass.key
And use site_name_no_pass.key
in nginx config