rbngzlv
12/9/2014 - 7:00 PM

gistfile1.md

NOTE: You can check, if your config here:
http://www.sslshopper.com/ssl-checker.html

Decrypt the private key using the password you entered when you created your key:
openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key

Protect your key from prying eyes:
chmod 600 /etc/nginx/conf/ssl.key

Fetch StartSSL’s root CA and class 1 intermediate server CA certificates:
wget http://www.startssl.com/certs/sub.class1.server.ca.pem

Create a unified certificate from your certificate and the CA certificates:
cat ssl.crt sub.class1.server.ca.pem > /etc/nginx/conf/ssl-unified.crt

Configure your nginx server to use the new key and certificate (in the global settings or a server section):
ssl on;
ssl_certificate /etc/nginx/conf/ssl-unified.crt;
ssl_certificate_key /etc/nginx/conf/ssl.key;

Now reload Nginx configuration