SlideShare a Scribd company logo

How To Create a SSL Certificate on Nginx for Ubuntu.pptx

Download as PPTX, PDF
VEXXHOST Private Cloud
VEXXHOST Private Cloud

This document provides steps to create an SSL certificate for Nginx on Ubuntu. It involves generating a private key, creating a certificate signing request (CSR) with the key, and using the CSR to generate a self-signed certificate. The certificate and key are then configured for a virtual host in Nginx to encrypt website traffic.

1 of 7
Download to read offline
How To Create a SSL Certificate on Nginx for Ubuntu.pptx
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Security is always very important when it comes to any type internet communication. • SSL certificates are one way to get higher level of security for web servers. • When a web server runs using secure protocols, it is using public and private keys in order to encrypt the traffic. • The traffic is encrypted on the server, then send to the client (still encrypted) and then it is decrypted at client’s side (using the certificates). • This actually makes data unreadable for any potential intruder. • The SSL certificates are usually issued by certificate authority but we can create our own, self-signed certificates as well. • In order to create SSL certificate for Nginx, the first think to do is to make sure that we have Nginx already installed: # sudo apt-get install nginx
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Before we proceed and create certificates, we should crate directory where are going to store the certificates and access them later. We will create the directory inside Nginx installation folder: # sudo mkdir /etc/nginx/ssl • Once the directory is created, we will perform all the required steps, inside that directory so all output files will be saved there. # cd /etc/nginx/ssl • The first file that we need to create is the private key. While creating the key, we will be asked for a passphrase. We must make sure to remember the passphrase since we will not be able to access the certificate without it. We will remove the passphrase later though. The following command will generate the private key: # sudo openssl genrsa -des3 -out server.key 1024
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Once we have the key created, we will use the key on order to create Certificate Signing Request: # sudo openssl req -new -key server.key -out server.csr • After we execute this command, we will be prompt to enter some information, like Country, Company, Address, Email and possible some other fileds.. • We should fill in the information properly since that information will be visible to the public once the certificate is created and used on our website. • The most important is “common name” value. • Our fully qualified domain name should be entered here. We leave the optional company name and challenge password blank.
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Now that we have the .key and .csr file, we are ready to create the certificate. • Having the passphrase on the key file adds extra security, but it might be inconvenient In case of automatic server reboot or similar situations. • If we have a passphrase it has to be typed in manually, so if there is not person available to do it, the website will be offline for a long time. • That is why we are going to remove the passphrase from the key file, using the following commands: # sudo cp server.key server.key.org # sudo openssl rsa -in server.key.org -out server.key • Now we are ready to create and sign our certificate: # sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • It will be valid for 1 year (365 days). That is something that can be changed if needed. • Now we can use the certificate and assign to a virtual host. • We can copy the Nginx sample configuration file in a new file and use that. Most important section in the file is the following: server { listen 443; server_name our-domain.com; root /var/www; index index.html index.htm; ssl on; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; }
HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • After making the changes and saving the file, we should copy the virtual host configuration file into /etc/nginx/sites-enabled/ and then restart Nginx. # sudo service nginx restart • After then restart, if we point our browser to https://our-domain.com we will be able to find the certificate on the page. That’s it. We have added the certificates and all traffic on our website is now encrypted.
Ad

Recommended

Issuing temporary credentials for my sql using hashicorp vault
Issuing temporary credentials for my sql using hashicorp vaultIssuing temporary credentials for my sql using hashicorp vault
Issuing temporary credentials for my sql using hashicorp vault
OlinData
 
Lets Encrypt!
Lets Encrypt!Lets Encrypt!
Lets Encrypt!
Joerg Henning
 
Let's Encrypt!
Let's Encrypt!Let's Encrypt!
Let's Encrypt!
Drew Fustini
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and Keytool
CheapSSLsecurity
 
Microservices with SenecaJS (part 2)
Microservices with SenecaJS (part 2)Microservices with SenecaJS (part 2)
Microservices with SenecaJS (part 2)
Designveloper
 
Hashicorp Vault ppt
Hashicorp Vault pptHashicorp Vault ppt
Hashicorp Vault ppt
Shrey Agarwal
 
Introducing the Seneca MVP framework for Node.js
Introducing the Seneca MVP framework for Node.jsIntroducing the Seneca MVP framework for Node.js
Introducing the Seneca MVP framework for Node.js
Richard Rodger
 
Microservices With SenecaJS
Microservices With SenecaJSMicroservices With SenecaJS
Microservices With SenecaJS
Designveloper
 
Types of ssl commands and keytool
Types of ssl commands and keytoolTypes of ssl commands and keytool
Types of ssl commands and keytool
CheapSSLsecurity
 
ACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easyACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easy
Gabriell Nascimento
 
Streamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time AccessStreamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time Access
Akeyless
 
Demystfying secure certs
Demystfying secure certsDemystfying secure certs
Demystfying secure certs
Gary Williams
 
Credential store using HashiCorp Vault
Credential store using HashiCorp VaultCredential store using HashiCorp Vault
Credential store using HashiCorp Vault
Mayank Patel
 
Rock Solid WordPress
Rock Solid WordPressRock Solid WordPress
Rock Solid WordPress
Erik Osterman
 
HashiCorp's Vault - The Examples
HashiCorp's Vault - The ExamplesHashiCorp's Vault - The Examples
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Outlyer
 
Using Vault to decouple MySQL Secrets
Using Vault to decouple MySQL SecretsUsing Vault to decouple MySQL Secrets
Using Vault to decouple MySQL Secrets
Derek Downey
 
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp VaultChickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Jeff Horwitz
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network Nerd
Matt Bynum
 
Introducing Vault
Introducing VaultIntroducing Vault
Introducing Vault
Ramit Surana
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
Karl Fosaaen
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on KubernetesSecret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on Kubernetes
An Nguyen
 
Using ansible vault to protect your secrets
Using ansible vault to protect your secretsUsing ansible vault to protect your secrets
Using ansible vault to protect your secrets
Excella
 
Introduction to vault
Introduction to vaultIntroduction to vault
Introduction to vault
Henrik Høegh
 
Oracle WebLogic
Oracle WebLogicOracle WebLogic
Oracle WebLogic
Anar Godjaev
 
Designing High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWSDesigning High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWS
☁ Bryan Krausen
 
Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
Managing Secrets in Production
Managing Secrets in ProductionManaging Secrets in Production
Managing Secrets in Production
Erik Osterman
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
BU
 
Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442
RekeshPatel
 
Ad

More Related Content

What's hot (20)

Types of ssl commands and keytool
Types of ssl commands and keytoolTypes of ssl commands and keytool
Types of ssl commands and keytool
CheapSSLsecurity
 
ACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easyACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easy
Gabriell Nascimento
 
Streamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time AccessStreamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time Access
Akeyless
 
Demystfying secure certs
Demystfying secure certsDemystfying secure certs
Demystfying secure certs
Gary Williams
 
Credential store using HashiCorp Vault
Credential store using HashiCorp VaultCredential store using HashiCorp Vault
Credential store using HashiCorp Vault
Mayank Patel
 
Rock Solid WordPress
Rock Solid WordPressRock Solid WordPress
Rock Solid WordPress
Erik Osterman
 
HashiCorp's Vault - The Examples
HashiCorp's Vault - The ExamplesHashiCorp's Vault - The Examples
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Outlyer
 
Using Vault to decouple MySQL Secrets
Using Vault to decouple MySQL SecretsUsing Vault to decouple MySQL Secrets
Using Vault to decouple MySQL Secrets
Derek Downey
 
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp VaultChickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Jeff Horwitz
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network Nerd
Matt Bynum
 
Introducing Vault
Introducing VaultIntroducing Vault
Introducing Vault
Ramit Surana
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
Karl Fosaaen
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on KubernetesSecret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on Kubernetes
An Nguyen
 
Using ansible vault to protect your secrets
Using ansible vault to protect your secretsUsing ansible vault to protect your secrets
Using ansible vault to protect your secrets
Excella
 
Introduction to vault
Introduction to vaultIntroduction to vault
Introduction to vault
Henrik Høegh
 
Oracle WebLogic
Oracle WebLogicOracle WebLogic
Oracle WebLogic
Anar Godjaev
 
Designing High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWSDesigning High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWS
☁ Bryan Krausen
 
Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
Managing Secrets in Production
Managing Secrets in ProductionManaging Secrets in Production
Managing Secrets in Production
Erik Osterman
 
Types of ssl commands and keytool
Types of ssl commands and keytoolTypes of ssl commands and keytool
Types of ssl commands and keytool
CheapSSLsecurity
 
ACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easyACME and Let's Encrypt: HTTPS made easy
ACME and Let's Encrypt: HTTPS made easy
Gabriell Nascimento
 
Streamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time AccessStreamline CI/CD with Just-in-Time Access
Streamline CI/CD with Just-in-Time Access
Akeyless
 
Demystfying secure certs
Demystfying secure certsDemystfying secure certs
Demystfying secure certs
Gary Williams
 
Credential store using HashiCorp Vault
Credential store using HashiCorp VaultCredential store using HashiCorp Vault
Credential store using HashiCorp Vault
Mayank Patel
 
Rock Solid WordPress
Rock Solid WordPressRock Solid WordPress
Rock Solid WordPress
Erik Osterman
 
HashiCorp's Vault - The Examples
HashiCorp's Vault - The ExamplesHashiCorp's Vault - The Examples
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Outlyer
 
Using Vault to decouple MySQL Secrets
Using Vault to decouple MySQL SecretsUsing Vault to decouple MySQL Secrets
Using Vault to decouple MySQL Secrets
Derek Downey
 
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp VaultChickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Chickens & Eggs: Managing secrets in AWS with Hashicorp Vault
Jeff Horwitz
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network Nerd
Matt Bynum
 
Introducing Vault
Introducing VaultIntroducing Vault
Introducing Vault
Ramit Surana
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
Karl Fosaaen
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on KubernetesSecret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on Kubernetes
An Nguyen
 
Using ansible vault to protect your secrets
Using ansible vault to protect your secretsUsing ansible vault to protect your secrets
Using ansible vault to protect your secrets
Excella
 
Introduction to vault
Introduction to vaultIntroduction to vault
Introduction to vault
Henrik Høegh
 
Oracle WebLogic
Oracle WebLogicOracle WebLogic
Oracle WebLogic
Anar Godjaev
 
Designing High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWSDesigning High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWS
☁ Bryan Krausen
 
Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
Managing Secrets in Production
Managing Secrets in ProductionManaging Secrets in Production
Managing Secrets in Production
Erik Osterman
 

Similar to How To Create a SSL Certificate on Nginx for Ubuntu.pptx (20)

Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
BU
 
Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442
RekeshPatel
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
Training Slides: 302 - Securing Your Cluster With SSL
Training Slides: 302 - Securing Your Cluster With SSLTraining Slides: 302 - Securing Your Cluster With SSL
Training Slides: 302 - Securing Your Cluster With SSL
Continuent
 
SSL Certificates and Operations
SSL Certificates and OperationsSSL Certificates and Operations
SSL Certificates and Operations
Nisheed KM
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
jamesbarns729
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
Mohammad Yousri
 
Fun With SHA2 Certificates
Fun With SHA2 CertificatesFun With SHA2 Certificates
Fun With SHA2 Certificates
Gabriella Davis
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE
 
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Aruba, a Hewlett Packard Enterprise company
 
Building basic public key infrastucture (PKI)
Building basic public key infrastucture (PKI)Building basic public key infrastucture (PKI)
Building basic public key infrastucture (PKI)
Ismail Rachdaoui
 
Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3
Alexandra N. Martinez
 
Setting Up a Cloud Server - Part 4 - Transcript.pdf
Setting Up a Cloud Server - Part 4 - Transcript.pdfSetting Up a Cloud Server - Part 4 - Transcript.pdf
Setting Up a Cloud Server - Part 4 - Transcript.pdf
ShaiAlmog1
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
ReliqusConsulting
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
Peter LaFond
 
SSL Everywhere!
SSL Everywhere!SSL Everywhere!
SSL Everywhere!
Simon Haslam
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptx
Saumya876452
 
[CLASS 2014] Palestra Técnica - Jonathan Knudsen
[CLASS 2014] Palestra Técnica - Jonathan Knudsen[CLASS 2014] Palestra Técnica - Jonathan Knudsen
[CLASS 2014] Palestra Técnica - Jonathan Knudsen
TI Safe
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thing
Marc Cluet
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
BU
 
Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442Nginx-deploy on linux server with 80 and 442
Nginx-deploy on linux server with 80 and 442
RekeshPatel
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
Training Slides: 302 - Securing Your Cluster With SSL
Training Slides: 302 - Securing Your Cluster With SSLTraining Slides: 302 - Securing Your Cluster With SSL
Training Slides: 302 - Securing Your Cluster With SSL
Continuent
 
SSL Certificates and Operations
SSL Certificates and OperationsSSL Certificates and Operations
SSL Certificates and Operations
Nisheed KM
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
jamesbarns729
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
Mohammad Yousri
 
Fun With SHA2 Certificates
Fun With SHA2 CertificatesFun With SHA2 Certificates
Fun With SHA2 Certificates
Gabriella Davis
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE
 
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Aruba, a Hewlett Packard Enterprise company
 
Building basic public key infrastucture (PKI)
Building basic public key infrastucture (PKI)Building basic public key infrastucture (PKI)
Building basic public key infrastucture (PKI)
Ismail Rachdaoui
 
Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3
Alexandra N. Martinez
 
Setting Up a Cloud Server - Part 4 - Transcript.pdf
Setting Up a Cloud Server - Part 4 - Transcript.pdfSetting Up a Cloud Server - Part 4 - Transcript.pdf
Setting Up a Cloud Server - Part 4 - Transcript.pdf
ShaiAlmog1
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
ReliqusConsulting
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
Peter LaFond
 
SSL Everywhere!
SSL Everywhere!SSL Everywhere!
SSL Everywhere!
Simon Haslam
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptx
Saumya876452
 
[CLASS 2014] Palestra Técnica - Jonathan Knudsen
[CLASS 2014] Palestra Técnica - Jonathan Knudsen[CLASS 2014] Palestra Técnica - Jonathan Knudsen
[CLASS 2014] Palestra Técnica - Jonathan Knudsen
TI Safe
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thing
Marc Cluet
 
Ad

More from VEXXHOST Private Cloud (17)

10 Essential Laravel 4 Packages Everyone Should Use.pptx
10 Essential Laravel 4 Packages Everyone Should Use.pptx10 Essential Laravel 4 Packages Everyone Should Use.pptx
10 Essential Laravel 4 Packages Everyone Should Use.pptx
VEXXHOST Private Cloud
 
How To Install Rails & Nginx with Passenger on Ubuntu
How To Install Rails & Nginx with Passenger on UbuntuHow To Install Rails & Nginx with Passenger on Ubuntu
How To Install Rails & Nginx with Passenger on Ubuntu
VEXXHOST Private Cloud
 
How to Add Swap on Ubuntu
How to Add Swap on UbuntuHow to Add Swap on Ubuntu
How to Add Swap on Ubuntu
VEXXHOST Private Cloud
 
Getting Started with MEAN Stack
Getting Started with MEAN StackGetting Started with MEAN Stack
Getting Started with MEAN Stack
VEXXHOST Private Cloud
 
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOSHow To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
VEXXHOST Private Cloud
 
Fixing 403 Forbidden Nginx Errors
Fixing 403 Forbidden Nginx ErrorsFixing 403 Forbidden Nginx Errors
Fixing 403 Forbidden Nginx Errors
VEXXHOST Private Cloud
 
WordPress App on Ubuntu 14.04 LTS
WordPress App on Ubuntu 14.04 LTSWordPress App on Ubuntu 14.04 LTS
WordPress App on Ubuntu 14.04 LTS
VEXXHOST Private Cloud
 
How to deploy a MariaDB Galera cluster on Ubuntu 14.04
How to deploy a MariaDB Galera cluster on Ubuntu 14.04How to deploy a MariaDB Galera cluster on Ubuntu 14.04
How to deploy a MariaDB Galera cluster on Ubuntu 14.04
VEXXHOST Private Cloud
 
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuHow To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
VEXXHOST Private Cloud
 
How To Install Ruby on Rails on Ubuntu
How To Install Ruby on Rails on UbuntuHow To Install Ruby on Rails on Ubuntu
How To Install Ruby on Rails on Ubuntu
VEXXHOST Private Cloud
 
How To Run Nginx in a Docker Container on Ubuntu 16.04
How To Run Nginx in a Docker Container on Ubuntu 16.04How To Run Nginx in a Docker Container on Ubuntu 16.04
How To Run Nginx in a Docker Container on Ubuntu 16.04
VEXXHOST Private Cloud
 
How To Install & Configure Varnish with Apache on Ubuntu
How To Install & Configure Varnish with Apache on UbuntuHow To Install & Configure Varnish with Apache on Ubuntu
How To Install & Configure Varnish with Apache on Ubuntu
VEXXHOST Private Cloud
 
CentOS 6 to CentOS 7 Upgrade Procedure
CentOS 6 to CentOS 7 Upgrade ProcedureCentOS 6 to CentOS 7 Upgrade Procedure
CentOS 6 to CentOS 7 Upgrade Procedure
VEXXHOST Private Cloud
 
How To Deploy a Clojure Web Application on Ubuntu 14.04
How To Deploy a Clojure Web Application on Ubuntu 14.04How To Deploy a Clojure Web Application on Ubuntu 14.04
How To Deploy a Clojure Web Application on Ubuntu 14.04
VEXXHOST Private Cloud
 
How to setup OpenVPN Server and Client on Ubuntu 14.04
How to setup OpenVPN Server and Client on Ubuntu 14.04How to setup OpenVPN Server and Client on Ubuntu 14.04
How to setup OpenVPN Server and Client on Ubuntu 14.04
VEXXHOST Private Cloud
 
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
VEXXHOST Private Cloud
 
How To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub CloneHow To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub Clone
VEXXHOST Private Cloud
 
10 Essential Laravel 4 Packages Everyone Should Use.pptx
10 Essential Laravel 4 Packages Everyone Should Use.pptx10 Essential Laravel 4 Packages Everyone Should Use.pptx
10 Essential Laravel 4 Packages Everyone Should Use.pptx
VEXXHOST Private Cloud
 
How To Install Rails & Nginx with Passenger on Ubuntu
How To Install Rails & Nginx with Passenger on UbuntuHow To Install Rails & Nginx with Passenger on Ubuntu
How To Install Rails & Nginx with Passenger on Ubuntu
VEXXHOST Private Cloud
 
How to Add Swap on Ubuntu
How to Add Swap on UbuntuHow to Add Swap on Ubuntu
How to Add Swap on Ubuntu
VEXXHOST Private Cloud
 
Getting Started with MEAN Stack
Getting Started with MEAN StackGetting Started with MEAN Stack
Getting Started with MEAN Stack
VEXXHOST Private Cloud
 
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOSHow To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
How To Securely Set Up Shipyard 2.0.10 with TLS on CoreOS
VEXXHOST Private Cloud
 
Fixing 403 Forbidden Nginx Errors
Fixing 403 Forbidden Nginx ErrorsFixing 403 Forbidden Nginx Errors
Fixing 403 Forbidden Nginx Errors
VEXXHOST Private Cloud
 
WordPress App on Ubuntu 14.04 LTS
WordPress App on Ubuntu 14.04 LTSWordPress App on Ubuntu 14.04 LTS
WordPress App on Ubuntu 14.04 LTS
VEXXHOST Private Cloud
 
How to deploy a MariaDB Galera cluster on Ubuntu 14.04
How to deploy a MariaDB Galera cluster on Ubuntu 14.04How to deploy a MariaDB Galera cluster on Ubuntu 14.04
How to deploy a MariaDB Galera cluster on Ubuntu 14.04
VEXXHOST Private Cloud
 
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuHow To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
VEXXHOST Private Cloud
 
How To Install Ruby on Rails on Ubuntu
How To Install Ruby on Rails on UbuntuHow To Install Ruby on Rails on Ubuntu
How To Install Ruby on Rails on Ubuntu
VEXXHOST Private Cloud
 
How To Run Nginx in a Docker Container on Ubuntu 16.04
How To Run Nginx in a Docker Container on Ubuntu 16.04How To Run Nginx in a Docker Container on Ubuntu 16.04
How To Run Nginx in a Docker Container on Ubuntu 16.04
VEXXHOST Private Cloud
 
How To Install & Configure Varnish with Apache on Ubuntu
How To Install & Configure Varnish with Apache on UbuntuHow To Install & Configure Varnish with Apache on Ubuntu
How To Install & Configure Varnish with Apache on Ubuntu
VEXXHOST Private Cloud
 
CentOS 6 to CentOS 7 Upgrade Procedure
CentOS 6 to CentOS 7 Upgrade ProcedureCentOS 6 to CentOS 7 Upgrade Procedure
CentOS 6 to CentOS 7 Upgrade Procedure
VEXXHOST Private Cloud
 
How To Deploy a Clojure Web Application on Ubuntu 14.04
How To Deploy a Clojure Web Application on Ubuntu 14.04How To Deploy a Clojure Web Application on Ubuntu 14.04
How To Deploy a Clojure Web Application on Ubuntu 14.04
VEXXHOST Private Cloud
 
How to setup OpenVPN Server and Client on Ubuntu 14.04
How to setup OpenVPN Server and Client on Ubuntu 14.04How to setup OpenVPN Server and Client on Ubuntu 14.04
How to setup OpenVPN Server and Client on Ubuntu 14.04
VEXXHOST Private Cloud
 
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
How To Setup Highly Available Web Servers with Keepalived & Floating IPs on U...
VEXXHOST Private Cloud
 
How To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub CloneHow To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub Clone
VEXXHOST Private Cloud
 
Ad

Recently uploaded (20)

Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Tools of the Trade: Linux and SQL - Google Certificate
Tools of the Trade: Linux and SQL - Google CertificateTools of the Trade: Linux and SQL - Google Certificate
Tools of the Trade: Linux and SQL - Google Certificate
VICTOR MAESTRE RAMIREZ
 
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRYLEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
NidaFarooq10
 
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
saimabibi60507
 
Landscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature ReviewLandscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature Review
Hironori Washizaki
 
Best Practices for Collaborating with 3D Artists in Mobile Game Development
Best Practices for Collaborating with 3D Artists in Mobile Game DevelopmentBest Practices for Collaborating with 3D Artists in Mobile Game Development
Best Practices for Collaborating with 3D Artists in Mobile Game Development
Juego Studios
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Foundation Models for Time Series : A Survey
Foundation Models for Time Series : A SurveyFoundation Models for Time Series : A Survey
Foundation Models for Time Series : A Survey
jayanthkalyanam1
 
Expand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchangeExpand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchange
Fexle Services Pvt. Ltd.
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
Imma Valls Bernaus
 
Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)
Allon Mureinik
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Apple Logic Pro X Crack FRESH Version 2025
Apple Logic Pro X Crack FRESH Version 2025Apple Logic Pro X Crack FRESH Version 2025
Apple Logic Pro X Crack FRESH Version 2025
fs4635986
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Tools of the Trade: Linux and SQL - Google Certificate
Tools of the Trade: Linux and SQL - Google CertificateTools of the Trade: Linux and SQL - Google Certificate
Tools of the Trade: Linux and SQL - Google Certificate
VICTOR MAESTRE RAMIREZ
 
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRYLEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
NidaFarooq10
 
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
PRTG Network Monitor Crack Latest Version & Serial Key 2025 [100% Working]
saimabibi60507
 
Landscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature ReviewLandscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature Review
Hironori Washizaki
 
Best Practices for Collaborating with 3D Artists in Mobile Game Development
Best Practices for Collaborating with 3D Artists in Mobile Game DevelopmentBest Practices for Collaborating with 3D Artists in Mobile Game Development
Best Practices for Collaborating with 3D Artists in Mobile Game Development
Juego Studios
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Foundation Models for Time Series : A Survey
Foundation Models for Time Series : A SurveyFoundation Models for Time Series : A Survey
Foundation Models for Time Series : A Survey
jayanthkalyanam1
 
Expand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchangeExpand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchange
Fexle Services Pvt. Ltd.
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
🌱 Green Grafana 🌱 Essentials_ Data, Visualizations and Plugins.pdf
Imma Valls Bernaus
 
Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)
Allon Mureinik
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Apple Logic Pro X Crack FRESH Version 2025
Apple Logic Pro X Crack FRESH Version 2025Apple Logic Pro X Crack FRESH Version 2025
Apple Logic Pro X Crack FRESH Version 2025
fs4635986
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 

How To Create a SSL Certificate on Nginx for Ubuntu.pptx

  • 2. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Security is always very important when it comes to any type internet communication. • SSL certificates are one way to get higher level of security for web servers. • When a web server runs using secure protocols, it is using public and private keys in order to encrypt the traffic. • The traffic is encrypted on the server, then send to the client (still encrypted) and then it is decrypted at client’s side (using the certificates). • This actually makes data unreadable for any potential intruder. • The SSL certificates are usually issued by certificate authority but we can create our own, self-signed certificates as well. • In order to create SSL certificate for Nginx, the first think to do is to make sure that we have Nginx already installed: # sudo apt-get install nginx
  • 3. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Before we proceed and create certificates, we should crate directory where are going to store the certificates and access them later. We will create the directory inside Nginx installation folder: # sudo mkdir /etc/nginx/ssl • Once the directory is created, we will perform all the required steps, inside that directory so all output files will be saved there. # cd /etc/nginx/ssl • The first file that we need to create is the private key. While creating the key, we will be asked for a passphrase. We must make sure to remember the passphrase since we will not be able to access the certificate without it. We will remove the passphrase later though. The following command will generate the private key: # sudo openssl genrsa -des3 -out server.key 1024
  • 4. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Once we have the key created, we will use the key on order to create Certificate Signing Request: # sudo openssl req -new -key server.key -out server.csr • After we execute this command, we will be prompt to enter some information, like Country, Company, Address, Email and possible some other fileds.. • We should fill in the information properly since that information will be visible to the public once the certificate is created and used on our website. • The most important is “common name” value. • Our fully qualified domain name should be entered here. We leave the optional company name and challenge password blank.
  • 5. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • Now that we have the .key and .csr file, we are ready to create the certificate. • Having the passphrase on the key file adds extra security, but it might be inconvenient In case of automatic server reboot or similar situations. • If we have a passphrase it has to be typed in manually, so if there is not person available to do it, the website will be offline for a long time. • That is why we are going to remove the passphrase from the key file, using the following commands: # sudo cp server.key server.key.org # sudo openssl rsa -in server.key.org -out server.key • Now we are ready to create and sign our certificate: # sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  • 6. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • It will be valid for 1 year (365 days). That is something that can be changed if needed. • Now we can use the certificate and assign to a virtual host. • We can copy the Nginx sample configuration file in a new file and use that. Most important section in the file is the following: server { listen 443; server_name our-domain.com; root /var/www; index index.html index.htm; ssl on; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; }
  • 7. HOW TO CREATE A SSL CERTIFICATE ON NGINX FOR UBUNTU • After making the changes and saving the file, we should copy the virtual host configuration file into /etc/nginx/sites-enabled/ and then restart Nginx. # sudo service nginx restart • After then restart, if we point our browser to https://our-domain.com we will be able to find the certificate on the page. That’s it. We have added the certificates and all traffic on our website is now encrypted.