Log In
Register
SSL Brands
Sectigo SSL Certificates
RapidSSL Certificates
Thawte SSL Certificates
GeoTrust SSL Certificates
DigiCert SSL Certificates
Certificates
Single Domain Certificates
SSL Tools
CSR Generator
CSR Decoder
SSL Certificate Decoder
SSL Certificate Checker
SSL / Key Matcher
SSL Certificate Converter
Contact
Games
How to Install SSL on Nginx: Complete Guide for RPM and Debian Systems
How to Install SSL on Nginx: Complete Guide for RPM and Debian SystemsLearning how to install SSL on Nginx is essential for securing your web server and encrypting data transmission. This guide covers the complete installation process for both RPM-based and Debian-based Linux distributions.
Prerequisites Before You Begin
Before starting, ensure you have root or sudo access, a valid SSL certificate with private key, and Nginx installed and running on your system.
How to Install SSL on Nginx RPM-Based Systems
For CentOS, Rocky Linux, AlmaLinux, RHEL, or Fedora, follow these steps:
Install Nginx (if needed):
sudo yum install nginx
# or for newer systems
sudo dnf install nginx
Configure SSL Server Block:
Edit /etc/nginx/nginx.conf or create /etc/nginx/conf.d/yourdomain-ssl.conf:
server {
listen 443 ssl;
server_name yourdomain.com;
root /var/www/html;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;
location / {
try_files $uri $uri/ =404;
}
}
Test and Reload:
sudo nginx -t
sudo systemctl reload nginx
How to Install SSL on Nginx Debian-Based Systems
For Ubuntu and Debian servers:
Install Nginx:
sudo apt update
sudo apt install nginx
Create SSL Configuration:
Create /etc/nginx/sites-available/yourdomain-ssl:
server {
listen 443 ssl;
server_name yourdomain.com;
root /var/www/html;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;
location / {
try_files $uri $uri/ =404;
}
}
Enable and Reload:
sudo ln -s /etc/nginx/sites-available/yourdomain-ssl /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
Security Enhancements
Add these directives to your SSL server block for optimal security:
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE+AESGCM:ECDHE+AES256:ECDHE+AES128:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=63072000" always;
Force HTTPS Redirect
Add this server block to redirect HTTP to HTTPS:
server {
listen 80;
server_name yourdomain.com;
return 301 https://$server_name$request_uri;
}
Testing Your SSL Installation
Verify your configuration by accessing https://yourdomain.com in a browser, using online SSL checker tools, or running openssl s_client -connect yourdomain.com:443 to examine certificate details.
Following this guide on how to install SSL on Nginx ensures your web server supports secure HTTPS connections with proper encryption and modern security standards.