Home MiscellaneousHow to Install an SSL Certificate on Ubuntu with Nginx
Miscellaneous

How to Install an SSL Certificate on Ubuntu with Nginx

by SupportPRO Admin
written by SupportPRO Admin
SSL

Prerequisites

Before you begin, ensure the following requirements are met:

Tools Required: OpenSSL

Operating System: Ubuntu

Web Server: Nginx

Assumptions

  • You have SSH access to your server. Your domain name is: mydomain.com Required files:
  • SSL Certificate: mydomain.com.cert
  • Required files:
  1. SSL Certificate: mydomain.com.cert
  2. Private Key: mydomain.com.key
  3. CSR (Certificate Signing Request): mydomain.com.csr

Step-by-Step Installation Guide

1. Generate a Private Key

Start by creating a 2048-bit RSA private key. Log in to your server via SSH and run:

openssl genrsa -out mydomain.com.key 2048

This will generate the private key file: mydomain.com.key.

2. Generate a Certificate Signing Request (CSR)

Use the private key to generate a CSR:

openssl req -new -key mydomain.com.key -out mydomain.com.csr

You will be prompted to enter the following details:

  • Country Name (2-letter code)
  • State or Province
  • City or Locality
  • Organization Name
  • Organizational Unit (optional)
  • Common Name (your domain, e.g., mydomain.com)
  • Email Address

Ensure the Common Name matches your domain name exactly.

3. Purchase an SSL Certificate

Submit the generated CSR to a trusted Certificate Authority (CA) such as:

  • DigiCert
  • Comodo
  • Let’s Encrypt

After validation, the CA will issue your SSL certificate (mydomain.com.cert).

4. Verify the Certificate and Private Key

To ensure proper SSL functionality, confirm that the certificate, private key, and CSR match by comparing their MD5 hashes:

openssl x509 -noout -modulus -in mydomain.com.cert | openssl md5
openssl rsa -noout -modulus -in mydomain.com.key | openssl md5
openssl req -noout -modulus -in mydomain.com.csr | openssl md5

All three outputs must be identical.

5. Install the SSL Certificate in Nginx

  1. Copy your SSL files to the Nginx directory:
sudo mkdir -p /etc/nginx/certs
sudo cp mydomain.com.* /etc/nginx/certs/
  1. Open your Nginx virtual host configuration file:
sudo nano /etc/nginx/sites-enabled/mydomain.com
  1. Add the following configuration inside the server {} block:
listen 443 ssl;ssl_certificate /etc/nginx/certs/mydomain.com.cert;
ssl_certificate_key /etc/nginx/certs/mydomain.com.key;
  1. Save the file and restart Nginx:
sudo systemctl restart nginx

Important Notes

  • Always keep a secure backup of your private key (.key file).
  • Losing the private key means you must generate a new CSR and reissue the SSL certificate.
  • Ensure proper file permissions to protect sensitive key files.

Conclusion

Once completed, your SSL certificate will be successfully installed, enabling secure HTTPS connections for your domain. You can verify the installation by visiting:

https://mydomain.com

If you require help, contact SupportPRO Server Admin

Partner with SupportPRO for 24/7 proactive cloud support that keeps your business secure, scalable, and ahead of the curve.

Contact Us today!
guy server checkup

You may also like

AWS Cost Optimization for Greater Business Efficiency

Is Anonymous VPS Hosting Right for You? A...

Azure CLI Guide: Automating Cloud Computing for Business...

Small Business Server Management Guide (2026)

Best Practices for Rotating Access Keys in Production...

The Complete Guide to Email Archiving: Tools, Methods,...

How to Detect a DDoS Attack on a...

How to Fix Kubernetes Pods That Are Stuck...

How to Resolve AWS SSM Agent Not Showing...

How to Enable HTTP/3 and QUIC for Faster...

Leave a Comment