Monthly Archives: December 2014

Install SSL certificate for Nginx

Recently I bought an SSL certificate for this blog from MegaSSLStore. My website is hosted on a FreeBSD machine and served by Nginx web server. In order to install the certificate on this machine, I downloaded from MegaSSLStore the certificate and CSR+private key and I copied them on my server in /usr/local/etc/nginx/ssl

# scp -P22 * root@razvantudorica.com:/usr/local/etc/nginx/ssl

root@RTU001 /usr/local/etc/nginx/ssl # ls -lh
total 32
-r-------- 1 root wheel 5.5K Dec 14 11:39 razvantudorica.com.ca-bundle
-r-------- 1 root wheel 1.9K Dec 14 11:39 razvantudorica.com.crt
-r-------- 1 root wheel 1.1K Dec 14 11:39 razvantudorica.com.csr
-r-------- 1 root wheel 1.7K Dec 14 11:39 razvantudorica.com.key

Because I have an .crt certificate and also a ca-bundle I need to combine these two files in one certificate:

cd /usr/local/etc/nginx/ssl
cat razvantudorica.com.crt razvantudorica.com.ca-bundle > razvantudorica.com-bundle.crt

After this, I changed the nginx website configuration file, in order to redirect all the traffic that is coming on http (port 80) on https (port 443).

Continue reading