Getting Started

Install Certificate

Security

Troubleshoot

Help Center Install on NGINX

Installing SSL Certificate on NGINX

In this article you will learn how to install an SSL certificate on an NGINX web server and set up an HTTPS redirect.

Before You Start

Before you start, please make sure you have downloaded your certificate files. Still haven't downloaded your certificate? To get instructions for how to download your certificate (.zip), you can click here.

After downloading your certificate, you should have a ZIP containing the following certificate files:

  • certificate.crt
  • ca_bundle.crt
  • private.key

Step 1: Upload Certificate Files

First and foremost, you will need to upload the certificate files above (certificate.crt, ca_bundle.crt and private.key) to your NGINX server in a directory of your choice.

Step 2: Merge .crt Files

NGINX requires all .crt files to be merged in order to allow SSL installation. You will need to run the following command in order to merge your certificate.crt and ca_bundle.crt files.

$ cat certificate.crt ca_bundle.crt >> certificate.crt

Step 3: Edit Virtual Hosts File

Next, you will need to find your NGINX virtual hosts file and add some code to point it to your new SSL certificate. As soon as you have opened your virtual hosts file, create a copy of the existing non-secure server module and paste it below the original.

Please Note If you need your site to be accessible through both HTTPS (secure) and HTTP (non-secure), you will need a separate server module for each connection type.

Add the lines in bold to your virtual hosts file: 

server {

    listen   443;
    
    ssl    on;
    ssl_certificate    /etc/ssl/certificate.crt; 
    ssl_certificate_key    /etc/ssl/private.key;
    
    server_name your.domain.com;
    access_log /var/log/nginx/nginx.vhost.access.log;
    error_log /var/log/nginx/nginx.vhost.error.log;
    location / {
    root   /home/www/public_html/your.domain.com/public/;
    index  index.html;
    }

}

Step 3: Edit Virtual Hosts File

Finally, you will need to restart your NGINX server in order for your changes to come into effect. You can run the command below to restart your NGINX server: 

sudo /etc/init.d/nginx restart

Check Installation

Congratulations, you have completed all required steps to install your SSL certificate. To check whether or not your certificate has been installed correctly, simply use the built-in ZeroSSL "Check Installation" tool or try accessing your domain using HTTPS, e.g. https://domain.com.


Install on Plesk