Question

How do I activate my ssl certificate

Posted June 9, 2020 382 views
Security

It looks like our ssl certificate expired and I imported our wildcard certificate from our domain but I have no idea if it is working. I still get locked out of the DO domain. How do I activate the SSL certificate?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hello, @kevinmercer

If you’ve imported your new and valid Wildcard SSL certificate you need to make sure it covers the domain name you want to secure and also to edit the domain’s virtual host and edit the SSL configuration block for it.

If you’re using Nginx on Ubuntu server the location of the nginx configuration file will be /etc/nginx/sites-available/example.com and will have the following content:

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 302 https://$server_name$request_uri;
}

server {

    # SSL configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl        on;
    ssl_certificate         /etc/ssl/certs/cert.pem;
    ssl_certificate_key     /etc/ssl/private/key.pem;

    server_name example.com www.example.com;

    root /var/www/example.com/html;
    index index.html index.htm index.nginx-debian.html;


    location / {
            try_files $uri $uri/ =404;
    }
}

What you need to do is to make sure that the new SSL certificate is loaded in the virtual host, e.g the ssl_certificate and the ssl_certificate_key values in the nginx config file need to point to the actual SSL files. You can create the files in the mentioned directory - /etc/ssl/certs and /etc/ssl/private/ and then update the values in the nginx configuration file. Next, test to make sure that there are no syntax errors in any of your Nginx configuration files:

sudo nginx -t

If no problems were found, restart Nginx to enable your changes:

sudo systemctl restart nginx

Now visit your website at https://example.com to verify that it’s set up properly. You’ll see your home page displayed, and the browser will report that the site is secure.

You can also check this tutorial from our community which covers the same procedure but on slightly older Ubuntu version, however the method is still valid: https://www.digitalocean.com/community/tutorials/how-to-host-a-website-using-cloudflare-and-nginx-on-ubuntu-16-04

Hope this helps!

Let me know how it goes!

Regards,
Alex

by anondon
In this tutorial you will secure your website served by Nginx with an Origin CA certificate from Cloudflare and configure Nginx to use authenticated pull requests. The advantages of using this setup are that you benefit from Cloudflare's CDN and fast DNS resolution while ensuring that all connections pass through Cloudflare. This prevents any malicious requests from reaching your server.
Submit an Answer