emSign Knowledge Base
  • emSign
  • Getting Started
    • About emSign
    • Why emSign?
    • Key Highlights
      • Root Store Listings
      • Trust
      • Security
    • Certificate Lifecycle and Key Management Platform (CERTInext)
  • emSign CERTInext
    • Overview
    • Getting Started
      • Enterprise Sign up
      • Partner Sign up
      • Retail Customers
      • Multi-factor & Trusted login
        • Multifactor Authentication and Single Sign On
        • Enforce 2FA
        • IP Restrictions
        • Digital Certificate based login
      • Alerts and Notifications
    • User and Group Management
    • Ordering a Certificate
      • As a Customer
        • DV certificates
        • OV Certificates
        • EV Certificates
        • SMIME Certificates
        • Intranet SSL Certificate
        • IGTF Certificates
        • Subscription Plan Coverage for SSL Products
        • Group-based Certificates Ordering
        • Ordering using Custom Fields
      • As a Partner
        • Order for Customers
        • Order for Sub-accounts
      • Requester Approval Workflows
        • EV requests by Authorized Signatory
        • Certificate requests by Administrator
      • Submitting a Certificate Signing Request (CSR)
        • Submit CSR for Pending Orders
        • Replace CSR for Pending Orders
      • Downloading Certificates
        • Download Interim DV
        • Download Certificate
      • Post Order Actions
        • Renew Certificate
        • Revoke an issued Certificate
        • Reissue Certificate
        • Add / Remove SANs for Multi-Domain SSL
    • Management
      • Domains
      • Organizations
      • Orders
      • Products
      • Templates
        • CSR Templates
        • Provisioning Templates
    • Integrations
      • Using APIs to Order
        • REST APIs
        • ACME APIs
      • Tools
        • eMudhra Certificate Utility Tool
        • eMudhra emSign Click Tool
          • Procedure for installing Certificate in HSM
          • Procedure for Attested CSR Generation
      • CA Connectors
    • Billing & Payments
      • Add Credits
      • Invoices
      • Statement (Ledger Statement)
      • Product Price List
    • Reports
      • Orders Report
      • Overall Statistics
      • Certificates Report
      • Key Store Report
      • Key Report
      • Sales Summary
      • Audit Logs
    • Settings
      • Reporting Tags
      • Manage Schedules
      • Custom Fields
    • Certificate Lifecycle Management
      • Discover Certificates
      • emSign CERTInext Bot
    • Key Lifecycle Management
      • Manage Keys
      • Key Profiles
      • Key Store
  • Consent Management
  • Certificate Approval Process
    • Domain Validation (DV) Process
    • Organization Validation (OV) Process
    • Extended Validation (EV) Process
    • User Certificates Process
    • SMIME Certificate Process
    • Qualified Sources
  • Certificate Installation
    • Before you install
    • Browser Compatibility
    • emSign's Security Seal
    • Installing SSL Certificate on IIS
    • Installing SSL Certificate on cPanel
    • Installing SSL Certificate on Amazon Web Services (AWS)
    • Installing SSL Certificate on Apache
    • Installing SSL Certificate on Plesk 12
    • Installing SSL Certificate on NGINX
    • Installing SSL Certificate on Google App Engine
    • Installing SSL Certificate on WHM
    • Installing SSL Certificate on Ubuntu
    • Installing SSL Certificate on Tomcat
    • Installing SSL Certificate on Heroku
    • Installing SSL Certificate on Bigcommerce
    • Installing Root & Intermediate Certificates for Intranet SSL
    • Supported Devices for auto-provisioning of certificates
    • SSL/TLS Server Rating Guide
  • Release Notes
    • Introduction
    • R1619 (07-Apr-2025)
    • R1591 (10-Mar-2025)
    • R1581 (28-Feb-2025)
    • R1553 (31-Jan-2025)
    • R1522 (31-Dec-2024)
    • R1490 (29-Nov-2024)
    • R1460 (30-Oct-2024)
    • R1427 (27-Sep-2024)
    • R1371 (02-Aug-2024)
    • R1354 (16-Jul-2024)
    • R1300 (23-May-2024)
    • R1251 (04-Apr-2024)
    • R1230 (14-Mar-2024)
    • R1196 (09-Feb-2024)
    • R1167 (11-Jan-2024)
    • R1152 (27-Dec-2023)
    • R1139 (14-Dec-2023)
    • R1124 (29-Nov-2023)
    • R1115 (20-Nov-2023)
    • R1101 (06-Nov-2023)
    • R1075 (11-Oct-2023)
    • R1062 (28-Sep-2023)
    • R1046 (12-Sep-2023)
    • R1039 (05-Sep-2023)
    • R1031 (28-Aug-2023)
    • R1024 (21-Aug-2023)
    • R1001 (29-Jul-2023)
Powered by GitBook

© eMudhra. All Rights Reserved.

On this page

Was this helpful?

Export as PDF
  1. Certificate Installation

Installing SSL Certificate on NGINX

Installing an SSL certificate on NGNIX involves several steps. Here are the instructions to install an SSL certificate NGNIX.

Prerequisites

  • A server running NGINX.

  • An SSL certificate and its corresponding private key. You can obtain these from a trusted Certificate Authority (CA) or create a self-signed certificate for testing purposes.

  • To convert your .cer into different file formats, Utilize our eMudhra utility tool to seamlessly transform your files into .cer, .pfx (.p12), .jks, or .pem formats, and conveniently import zip files using our CSR tool."

1. Upload Certificate Files

First and foremost, you will need to upload the certificate files above (certificate.crt, ca_bundle.crt and private.key) to your NGINX server in a directory of your choice.

2. Upload Certificate Files

NGINX requires all .crt files to be merged in order to allow SSL installation. You will need to run the following command in order to merge your certificate.crt and ca_bundle.crt files. $ cat certificate.crt ca_bundle.crt >> certificate.crt

3. Edit Virtual Hosts File

Next, you will need to find your NGINX virtual hosts file and add some code to point it to your new SSL certificate. As soon as you have opened your virtual hosts file, create a copy of the existing non-secure server module and paste it below the original.

Please note:

  • If you need your site to be accessible through both HTTPS (secure) and HTTP (non-secure), you will need a separate server module for each connection type.

4. Add SSL Configuration

Inside the server block, add the following lines to enable SSL. Replace the file paths with the actual paths to your certificate and private key. Add the lines in bold to your virtual hosts file: server

{
    listen                     443 ssl;
    ssl                  on;
    ssl_certificate      /etc/ssl/certificate.crt; 
    ssl_certificate_key  /etc/ssl/private.key;
    server_name  your.domain.com;
    access_log   /var/log/nginx/nginx.vhost.access.log;
    error_log    /var/log/nginx/nginx.vhost.error.log;
    location     / {
    root         /home/www/public_html/your.domain.com/public/;
    index        index.html;
    }
}

5. Restart the Server

Finally, you will need to restart your NGINX server in order for your changes to come into effect. You can run the command below to restart your NGINX server: sudo /etc/init.d/nginx restart

6. Check Installation

You have completed all the required steps to install your SSL certificate. Verify that the SSL certificate is correctly installed by accessing your website or service using HTTPS. After installing your certificate, it is a good practice to test your SSL setup using various online tools to ensure everything is working correctly.

PreviousInstalling SSL Certificate on Plesk 12NextInstalling SSL Certificate on Google App Engine

Last updated 1 year ago

Was this helpful?