Related
Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Question
Question
Question
Add a further ssl certificate to nginx/serverpilot multisite wordpress droplet
Using the great tutorials here I successfully implemented ssl certificates for a few sites on my multisite serverpilot wordpress droplet. But how to add further certificates? I have generated new certificate such that I now have a folders under /etc/letsencrypt/live called bell-computing.com (with the already working certificates) and paulmarshall.com (with the new certificate i want to add).
I have a single conf file, nginx-sp.ssl.conf, in /etc/nginx-sp/ but not sure how or even if I edit it.
Below are the contents of this file
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bell-computing.com www.bell-computing.com;
ssl on;
# letsencrypt certificates
ssl_certificate /etc/letsencrypt/live/bell-computing.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bell-computing.com/privkey.pem;
#SSL Optimization
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:20m;
ssl_session_tickets off;
# modern configuration
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# verify chain of trust of OCSP response
ssl_trusted_certificate /etc/letsencrypt/live/bell-computing.com/chain.pem;
#root directory and logfiles
root /srv/users/serverpilot/apps/wordpress/wordpress_nginx/public;
access_log /srv/users/serverpilot/log/wordpress/wordpress_nginx.access.log main;
error_log /srv/users/serverpilot/log/wordpress/wordpress_nginx.error.log;
#proxyset
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Forwarded-Proto $scheme;
#includes
include /etc/nginx-sp/vhosts.d/wordpress.d/*.nonssl_conf;
include /etc/nginx-sp/vhosts.d/wordpress.d/*.conf;
}
Related
Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Question
Question
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×