Question

How do I activate my ssl certificate

It looks like our ssl certificate expired and I imported our wildcard certificate from our domain but I have no idea if it is working. I still get locked out of the DO domain. How do I activate the SSL certificate?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

alexdoJune 16, 2020

Hello, @kevinmercer

If you’ve imported your new and valid Wildcard SSL certificate you need to make sure it covers the domain name you want to secure and also to edit the domain’s virtual host and edit the SSL configuration block for it.

If you’re using Nginx on Ubuntu server the location of the nginx configuration file will be /etc/nginx/sites-available/example.com and will have the following content:

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 302 https://$server_name$request_uri;
}

server {

    # SSL configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl        on;
    ssl_certificate         /etc/ssl/certs/cert.pem;
    ssl_certificate_key     /etc/ssl/private/key.pem;

    server_name example.com www.example.com;

    root /var/www/example.com/html;
    index index.html index.htm index.nginx-debian.html;


    location / {
            try_files $uri $uri/ =404;
    }
}

What you need to do is to make sure that the new SSL certificate is loaded in the virtual host, e.g the ssl_certificate and the ssl_certificate_key values in the nginx config file need to point to the actual SSL files. You can create the files in the mentioned directory - /etc/ssl/certs and /etc/ssl/private/ and then update the values in the nginx configuration file. Next, test to make sure that there are no syntax errors in any of your Nginx configuration files:

sudo nginx -t

If no problems were found, restart Nginx to enable your changes:

sudo systemctl restart nginx

Now visit your website at https://example.com to verify that it’s set up properly. You’ll see your home page displayed, and the browser will report that the site is secure.

You can also check this tutorial from our community which covers the same procedure but on slightly older Ubuntu version, however the method is still valid: https://www.digitalocean.com/community/tutorials/how-to-host-a-website-using-cloudflare-and-nginx-on-ubuntu-16-04

Hope this helps!

Let me know how it goes!

Regards, Alex

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up