SecurityCategory

Ubuntu Nginx SSL: How to install an SSL certificate on Ubuntu for Nginx.

6 min read
Adem Asha

Did you install an SSL certificate on your Ubuntu-hosted server by installing Nginx as the web server? If not, why risk compromising your website's security? With hackers targeting businesses, large and small, even Google is strongly encouraging website owners to implement SSL certificates. The search engine boosts the search rankings of web pages and blog posts that encrypt transmissions with the https:// prefix. That type of security requires an X.509 Digital Certificate, commonly referred to as a Secure Sockets Layer (SSL) certificate.

To get started, you’ll first need to acquire a digital certificate and then install it on an Ubuntu-hosted server using Nginx as the web server. Read on for some background on the certificates and exact steps for installation.

What is Ubuntu Nginx?

It is an open-source web server that is often used as a reverse proxy server or HTTP cache. It is available for Linux for free.

What is the use of ubuntu nginx?

NGINX is open-source software for web serving, reverse proxying, caching, load balancing, media streaming, IP address handling, and more. The Nginx web server was designed for maximum performance and stability.

Advanced Load Balancer, Web Server, & Reverse Proxy - NGINX

Available SSL digital certificates for a Nginx server on Ubuntu

A trusted third party, called a Certificate Authority (CA), issues three types of digital certificates: Domain Validation (DV), Organization Validation (OV), and Extended Validation (EV). The CA guarantees the digital certificate’s authenticity with a digital signature, so end users (or their software) can trust that the server is genuinely the site it purports to be. Not sure which digital certificate is your best option? I’ve detailed each below, listing them from least to most secure.

Domain Validation (DV)

A Domain Validation certificate confirms that the domain is registered by someone with admin rights to the website. If the certificate is valid and signed by a trusted CA, a browser connecting to the site will inform you that it has successfully secured an HTTPS connection. A DV certificate is all you need to secure a blog or simple website. It is not too complicated or technical. However, it doesn’t offer any firewall, high-level protection, server blocks, or command lines.

Organization Validation (OV)

An Organization Validation certificate validates the domain ownership and includes ownership information such as the site owner’s name, city, state, and country. Again, nothing too fancy.

Extended Validation (EV)

An Extended Validation certificate authenticates the domain ownership, organization information, and your organization’s legal existence. This is the go-to certificate for those engaging in e-commerce. In many browsers, you can easily identify websites with an EV SSL certificate by their green address bars. Sites without SSL certificates will use the http protocol, and http traffic tends to be lower than that of sites with the https protocol. Additionally, sites without an SSL certificate don’t have permission to process payments.

How to secure the service with a firewall like an SSL certificate

To get started, you’ll first need to purchase or acquire an SSL certificate. If needed, here are additional details on how to request and verify an SSL certificate and verify it.

If you have purchased a CA-approved SSL certificate, delivery times can vary: it may take hours for a DV certificate or up to weeks for an EV certificate. The CA will inform you when the certificate is ready for download. Here’s how to retrieve it in seven steps:

  1. Log into Account Manager.
  2. Click SSL Certificates.
  3. Pick the certificate you want to use and click Manage.
  4. Next to the certificate you want to use, in the Actions column, click View Status.
  5. Click Download.
  6. Select the server type, and then click Download Zip File.
  7. Safely store the downloaded file for the future.

How to install an SSL certificate for the Nginx server on Ubuntu

Installing an SSL digital certificate for Nginx is a straightforward process.

Useful links: How to configure Nginx and where to get the Nginx configuration file.

(1) Log into the server using SSH.

(2) Check the OpenSSL client software.

Make sure the OpenSSL client software needed for a secure website is in place with the following command:

This will either install OpenSSL or inform you that it’s already present.

3. Make a directory to store the server key and certificate.

4. Copy the SSL certificate file and server key.

5. Edit the ssl.conf or httpd.conf file.

Here’s an example using the vi text editor:

Once open, the file can be edited to point to the correct files in the web server. The file will look something like this:

6. Reload the Web server.

Use the following command to restart the web server:

This systemctl restart nginx command will restart Nginx, and the secured site should be available at https://example.com.

Learn about the four types of SSL certificates available:

Wildcard SSL Certificate
Extended Validation SSL Certificate
SAN SSL Certificate
Organization Validation SSL Certificate

Efficiently deliver better results by getting an SSL for your ubuntu Nginx server.

When you use The Hub from GoDaddy Pro, suddenly there’s more time in your day to focus on what matters most. Forget about juggling admin tasks—reclaim your time and use it to make clients feel like the center of your universe.

Let’s encrypt you site, Sign up for Free

Products Used

More articles like this

  • Adem Asha

    Adem Asha is a digital marketing expert with a background in content, PR, SEO, and social media and email marketing. Adem enjoys romantic walks to the fridge. When Adem is not writing or reading, he is probably cheering for Real Madrid. Hala Madrid!
    More Articles by Adem Asha