Create the Server Key and Certificate Signing Request
Start off by creating the 1024 rsa private key.
sudo openssl genrsa -des3 -out /etc/nginx/conf.d/i90runner.key 1024 sudo openssl req -new -key /etc/nginx/conf.d/i90runner.key -out /etc/nginx/conf.d/i90runner.csr
Remove the Passphrase
sudo cp /etc/nginx/conf.d/i90runner.key /etc/nginx/conf.d/i90runner.key.org sudo openssl rsa -in /etc/nginx/conf.d/i90runner.key.org -out /etc/nginx/conf.d/i90runner.key
Sign your SSL Certificate
sudo openssl x509 -req -days 1000 -in /etc/nginx/conf.d/i90runner.csr -signkey /etc/nginx/conf.d/i90runner.key -out /etc/nginx/conf.d/i90runner.crt
Set Up the Certificate
sudo vim virtual.conf
sudo sudo service nginx restart
NGINX config Server Block :
server {
listen 443;
server_name i90runner.com;
ssl on;
ssl_certificate i90runner.crt;
ssl_certificate_key i90runner.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /xxx/share/nginx/xxx/kaizen;
index index.html index.htm index.php;
}
}
Command History :
1001 sudo openssl genrsa -des3 -out /etc/nginx/conf.d/i90runner.key 1024 1002 sudo openssl req -new -key /etc/nginx/conf.d/i90runner.key -out /etc/nginx/conf.d/i90runner.csr 1003 sudo cp /etc/nginx/conf.d/i90runner.key i90runner.key.org 1004 sudo cp /etc/nginx/conf.d/i90runner.key /etc/nginx/conf.d/i90runner.key.org 1005 sudo openssl rsa -in /etc/nginx/conf.d/i90runner.key.org -out /etc/nginx/conf.d/i90runner.key 1006 sudo openssl x509 -req -days 1000 -in /etc/nginx/conf.d/i90runner.csr -signkey /etc/nginx/conf.d/i90runner.key -out /etc/nginx/conf.d/i90runner.crt 1007 cp conf.d/i90runner.key i90runner.key 1008 sudo cp conf.d/i90runner.key i90runner.key 1009 sudo cp conf.d/i90runner.crt i90runner.crt 1010 ls 1011 sudo chown nginx i90runner.* 1012 ls -l 1013 ls 1014 sudo vim nginx.conf 1015 cd conf.d/ 1018 sudo vim virtual.conf 1019 sudo sudo service nginx restart