how to install positive ssl on your website using nginx webserver

Now a days SSL is mandatory to encrypt information of website and also validate server identities to their visitors. If any site has no ssl, during user login most of the popular browser show that "this connection is not secure".



So I had bought positive SSL from namecheap for 9 dollar. This support single domain like mashy.me and www.mashpy.me

To setup ssl first you have to generate CSR and private key. From the terminal write:
$ cd ~
$ openssl req -newkey rsa:2048 -nodes -keyout mashpy.me.key -out mashpy.me.csr

You will get some question like this -
Country Name (2 letter code) [AU]: BD
State or Province Name (full name) [Some-State]:Dhaka
Locality Name (eg, city) []: Dhaka
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Your Company
Organizational Unit Name (eg, section) []: blog
Common Name (e.g. server FQDN or YOUR name) []: mashpy.me
Email Address []: abc@example.com

Here common name is so much important. You have to put domain name there.

Login you ssl service provider and you have to input csr code there and have to apply for approval ssl. write:
$ cat mashpy.me.csr

Copy the text and put it on the namecheap positive ssl and apply.


Within 24 hours they will send you a zip file which includes www_mashpy_me.ca-bundle www_mashpy_me.crt

Now we have to merge the text of these two files.
$ cat www_mashpy_me.crt www_mashpy_me.ca-bundle >> mashpy.me.chained.crt

We have to put our two files mashpy.me.chained.crt, mashpy.me.key to here  -
 /etc/nginx/ssl/mashpy

Suppose on nginx your server block is -
server {
listen 80 default deferred;
server_name www.mashpy.me mashpy;
root /home/ubuntu/apps/mashpy_production/current/public;
}

We have to change it like this -

Suppose on nginx your server block is -
server {
listen 80 default deferred;
server_name www.mashpy.me mashpy;
root /home/ubuntu/apps/mashpy_production/current/public;

listen 443 ssl;
ssl_certificate /etc/nginx/ssl/mashpy/mashpy.me.chained.crt;
ssl_certificate_key /etc/nginx/ssl/mashpy/mashpy.me.key;
}

Now restart you nginx server.
$ sudo service nginx restart

Now browse your site using https://mashpy.me . Hope it will work. If you have any question, don't hesitate to ask on the comment box.

Comments

  1. Vai ei socket layer system ki , konovabe encrypting er jonno JAVA socket programming e use kora zay ??

    mane ei concept ki java te kaj hoy ?
    Zemon amar pc te ekta local server create korlam ,
    1. port
    2. ip
    ei duita diye ,,
    zekhane ami multiple clients k amar server share korte cai , but tader data asa zaoyar somoy kivabe(if any topics) SSL kaj korabo ?

    ekta system ache Hash MD5 algorithm , but seta onek kothin :D

    rimon
    cste11

    ReplyDelete

Post a Comment

Popular Posts

Install and configure Network simulator (ns3) on Ubuntu 14.04