(1 votes, average: 5.00 out of 5, rated)
Loading...How to Install SSL Certificate to a WordPress Site Hosted on Nginx Server?
(1 votes, average: 5.00 out of 5, rated)Loading...
Do you want to secure your WP site hosted on an Nginx server using an SSL cert but aren’t aware of the know-how? If that’s the issue with you, don’t – fret! As you have landed on the right article.
In this article, we will explore – “How to install SSL cert on a WordPress site hosted on Nginx Server?”
As you might know, to secure your WP site hosted on an Nginx server, the first and foremost thing that you must have is an SSL cert.
Also Read: How to Install SSL Certificate in NGINX Server?
So, now the question that arises here is: How do you obtain one? The answer is straightforward. To get an SSL cert, you need to submit a CSR for authentication (verification) to a trusted Certificate Authority like – Comodo, Certera, Sectigo, DigiCert etc.
How to Install SSL Cert to a WP Site hosted on a Nginx Server?
Follow the steps to install an SSL cert on the WP site hosted on Nginx Server:
Step 1: Upload Certificate
Once the CSR has been successfully validated, it will be sent to you on your registered mail ID in the form of a .zip folder. Once received, open it and extract all the files, such as:
- .crt file
- .ca-bundle file
Once extracted, upload the certificate files on the Nginx server by using your login credentials.
Step 2: Combine Certificates
In this step, you need to copy all the content of your .crt file and .ca-bundle file and paste it into a single file (final.crt). The content of the .crt file should be pasted firs, and then the content of the .ca-budle file should be pasted in the final certificate file (final.crt file).
Once done, submit the file (directory) where you desire the file to be uploaded. After doing so, run any one of the commands mentioned below:
- $ cat your_domain_name.crt your_domain_name.ca-bundle >> your_domain_name_chain.crt
- $ cat your_domain_name.crt > your_domain_name_chain.crt ; echo >> your_domain_name_chain.crt ; cat your_domain_name.ca-bundle >> your_domain_name_chain.crt
Step 3: Modify Nginx Configuration
In this step, you need to modify the Nginx server configuration, or you can simply create an Nginx block separately. There are two methods to do so. Choose any one that suits you:
- Make the new Nginx config file
- Edit the current Nginx config file
Let’s explore both methods.
Method 1: Make the new Nginx config file
If you are opting for this method, you can be assured of one thing – There will be no issues with the configuration file, which may exist in the current or existing configuration file.
After creating a new configuration file, make sure that you add it to the /etc/nginx/conf.d folder. If you are unable to find the folder, you can also use the command mentioned below to do the needful:
sudo nano /etc/nginx/conf.d/Domain_name_final*-ssl.conf After creating the Nginx configuration file, copy and paste the server blocks for the 443 port and edit the directories. Verify that the server name and path to Webroot matches in both server block ports—443 and 80.
Method 2: Edit the Current Nginx Config File
If you want to use this method, then you need to edit the nginx.conf (default configuration file of Nginx web server). The nginx.conf file can be found in any of these locations:
- /etc/nginx
- /usr/local/etc/nginx
- /usr/local/nginx/conf
In case you are not able to find the nginx.conf file, use the command mentioned below to do the same:
sudo find / -type f -iname “nginx.conf”After finding the nginx.conf file, open it using the sudo nano nginx.conf command. Once opened, copy & paste server blocks for port 443. After that, edit directories as per your server block for port 80.
Recommended: Port 80 (HTTP) vs. Port 443 (HTTPS): Difference
Also, make sure that the server name, necessary values, and webroot path all match. And for port 80, you can duplicate the server block, paste it below, modify the port, and include the necessary SSL directives.
Step 4: Choose the Appropriate Server Block
Now, you need to select the server block depending on the Nginx version.
Use the below mentioned server block for Nginx version 1.14 and down:
server {
listen 443;
ssl on;
ssl_certificate /path/to/certificate/your_domain_chain.crt;
ssl_certificate_key /path/to/your_private.key;
root /path/to/webroot;
server_name your_domain.com;
}Use the below mentioned server block for Nginx version 1.15 and up:
server {
listen 443 ssl;
ssl_certificate /path/to/certificate/your_domain_name_chain.crt;
ssl_certificate_key /path/to/your_private.key;
root /path/to/webroot;
server_name your_domain_name.com;
}Ensure that ssl_certificate points toward the private key and the file containing the combined certificates you created before.
Step 5: Verify Configuration
In this step, you need to verify syntax correctness and troubleshoot any errors.
To verify the syntax of the configuration file, use the command mentioned below:
sudo nginx –tTo find the error logs for troubleshooting, use the command mentioned below:
sudo nginx -T | grep ‘error_log’
You can use the tail /var/log/nginx/error.log -n 20command to check the default system log, in cases such as:
- The named file does not exist
- Non-error files are mentioned,
- Files are commented out
Use the below mentioned command if the test is successful and restart the Nginx server:
sudo nginx -s reloadKudos!! You have successfully installed an SSL cert to a WP site hosted on Nginx Server.
Test The Installation
All that’s left is to test the installation using diagnostic tools such as:
- SSL Checker or SSL Labs
- SSL/TLS Capabilities of Your Browser, etc.
Doing so will provide prompt assessments and in-depth analysis of your SSL certificate’s condition.
You Might Interested: How to Install a Wildcard SSL Certificate on NGINX Server?
Cheapest SSL/TLS Certificates starts at just $2.99 Per Year
~ Browse the Catalog
