Skip To Main Content
Trustzone Logo

Certificates

    Solutions

      Join our Newsletter

      Contact Us

      How to Install Your SSL Certificate in Nginx

      This guide provides step-by-step instructions for installing your certificate in Apache HTTP Server.

      To install a certificate in Nginx, a ‘Certificate Bundle’ must be created. To accomplish this, each certificate (SSL Cert, Intermediate Cert, and Root Cert) must be in the PEM format.

      1.  Open each certificate in a plain text editor
      2. Create a new document in a plain text editor
      3. Copy and paste the contents of each certificate into the new file

      The order should be:

      • Your GlobalSign SSL Certificate
      • GlobalSign Intermediate Certificate
      • GlobalSign Root Certificate

      Your completed file should be in this format:

      —–BEGIN CERTIFICATE—–
#Your GlobalSign SSL Certificate#
—–END CERTIFICATE—–

—–BEGIN CERTIFICATE—–
#GlobalSign Intermediate Certificate#
—–END CERTIFICATE—–

—–BEGIN CERTIFICATE—–
#GlobalSign Root Certificate#
—–END CERTIFICATE—–
      1. Save this ‘Certificate Bundle’ as a .crt
      2. Upload the Certificate Bundle & private key to a directory on the Nginx server
      3. Edit the Nginx virtual hosts file
      4. Open the Nginx virtual host file for the website you are securing. If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection
      5. Make a copy of the existing non-secure server module and paste it below the original
      6. Add the lines shown below:
      server { 

listen 443;  

ssl on;  

ssl_certificate /etc/ssl/your_domain.crt;  

ssl_certificate_key /etc/ssl/your_domain.key;  

server_name your.domain.com;  

access_log /var/log/nginx/nginx.vhost.access.log;  

error_log /var/log/nginx/nginx.vhost.error.log; 

location / {  

root /home/www/public_html/yourdomain.com/public/;  

index index.html;  

}  

}

      Note: Make sure you adjust the file names to match your certificate files:

      • ssl_certificate should be your primary certificate combined with the root & intermediate certificate bundle that you made in the previous step (e.g. your_domain.crt)
      • ssl_certificate_key should be the key file generated when you created the CSR

      Now, restart Nginx:

      sudo  systemctl nginx reload or sudo service nginx reload

      https://trustzone.com/knowledge-base-topic/roots-and-intermediate-ca-certificates-globalsign/

      Jon Tittmann

      Vetting/Support Team Lead & OpEx

      Jon has been an integral part of TRUSTZONE for the past six years, during which he has acquired substantial expertise in the cyber security field. As the team leader for our support team, he possesses a profound understanding of the sector, enabling him to resolve even the most complex challenges within the certificate industry effectively.

      Follow us

      Submit Your Technical Queries Here for Expert Assistance!

      We will contact you as soon as possible.

      Please enter your details below.