NGINX on CentOS 7: Install a Certificate

After your certificate request is approved, you can download your SSL and intermediate certificates from the SSL application. For more information see Downloading Your SSL Certificate. You will want to select the Apache option when you download your certificate.

Note: This SSL installation was done on a CentOS 7 server with a LEMP stack installed. The exact configuration of your server may be different, based on your version of Nginx, your OS platform, or the method used to install Nginx.

  1. Connect to your server via SSH.
  2. Create a directory to store the server key, certificate, and intermediate bundle.
    sudo mkdir /etc/nginx/ssl
  3. Copy your private key which was created when you generated your CSR to the ssl folder
    cp coolexample.key /etc/nginx/ssl
  4. SFTP to your server, and upload your SSL certificate and intermediate bundle to the /etc/nginx/ssl folder.
  5. Navigate to the SSL folder in SSH.
    cd  /etc/nginx/ssl
  6. Combine your SSL certificate and the intermediate bundle into one file using the concatenate command. Since your intermediate certificate and root certificate come in a bundle, you can use the following SSH command:
    sudo cat f84e19a2f44c6386.crt gd_bundle-g2-g1.crt >> coolexample.crt

    Note:The certificates have to be listed in this order with the concatenate command or the SSL will not work properly on your server.
  7. Open your NGINX config file for the domain you're installing the SSL certificate to.
    sudo vim /etc/nginx/sites-available/coolexample.com
    
  8. Update the config file to use the SSL certificate.
    server {
            listen 80;
            server_name coolexample.com;
            return 301 https://$host$request_uri;
    }
    
    server {
        listen 443 ssl;
    
        server_name coolexample.com;
        ssl_certificate     /etc/nginx/ssl/coolexample.crt;
        ssl_certificate_key /etc/nginx/ssl/coolexample.key;
    
        root /usr/share/nginx/coolexample.com/;
        index index.php  index.html index.htm;
    
    }
    
  9. Save the config file.
    wq!
  10. Restart your NGINX server.
    sudo service nginx restart

More info