Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

How to Install SSL Certificate on NGINX Web Server

SSL Installation Steps for NGINX Web Server

Initial Checklist

nginx serverBefore Installing SSL Certificate please ensure following processes have been completed

  • Buy/renew SSL Certificate
  • Generate CSR with SHA-2 algorithm
  • Save the CSR & Private key file on your server
  • Apply for SSL Certificate Issuance
  • Submit SSL issuance documents to Certificate authority (for EV & OV SSL Certificate)

Step 1: Store Certificate Files

After quick domain verification, you will receive your SSL certificate file via email in a Zip file from Certificate authority. Download that zip file and extract it on your server directory. This zip file contains server certificate, root certificate and intermediate certificate.

Step 2: Create new domain.crt & Intermediate.crt file

  • Open the server certificate using any text editor
  • Copy all the encrypted data starting from ‘—–BEGIN CERTIFICATE—–‘to ‘——END CERTIFICATE—–‘.
  • Paste this data into a new text file and give this file name as crt. 
Note: We have used ‘domain.crt’ file name just for demonstration purpose, you can give any name to the server certificate file.

Following the same way create a new file for intermediate certificate and give it a name as Intermediate.crt

Step 3: Combine the Server & Intermediate certificate files.

To combine Server & intermediate certificate files use following piece of code

cat intermediate.crt >> SSL.crt

Make sure the extension of the combined file should be .pem.

Step 4: NGINX virtual host file editing

  • Open the NGINX virtual-host file for the website which you wish to secure.
  • Create a copy of the existing server module of virtual-host file and paste it into the original source.
  • Now add following piece of code under server module
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/your_SSL.crt;
ssl_certificate_key /etc/ssl/your_domain_name.key;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/;
index index.html;

Note: Here is the above code ssl_certificate is the .pem file that you’ve created under step 3, ssl_certificate_key is the certificate key file you’ve received during CSR generation process. So you need to add the correct file name & path which you’ve created.

  • Using sudo /etc/init.d/nginx restart command to restart your NGINX server.
  • Your SSL Certificate is now installed on your NGINX web server.



Comodo Positive SSL


Vendor Price: $41.73

Coupon Code: ASCSCPSSL4

Get It Now



RapidSSL Certificate


Vendor Price: $69

Coupon Code: ASRSRSSL2

Get It Now



Comodo PositiveSSL Multi-Domain

$17.54 – 2 SAN Included

Vendor Price: $41.73

Coupon Code: ASCSCPMD4

Get It Now

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More