Hello, @kevinmercer
If you’ve imported your new and valid Wildcard SSL certificate you need to make sure it covers the domain name you want to secure and also to edit the domain’s virtual host and edit the SSL configuration block for it.
If you’re using Nginx on Ubuntu server the location of the nginx configuration file will be /etc/nginx/sites-available/example.com
and will have the following content:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 302 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
}
What you need to do is to make sure that the new SSL certificate is loaded in the virtual host, e.g the ssl_certificate
and the ssl_certificate_key
values in the nginx config file need to point to the actual SSL files. You can create the files in the mentioned directory - /etc/ssl/certs
and /etc/ssl/private/
and then update the values in the nginx configuration file. Next, test to make sure that there are no syntax errors in any of your Nginx configuration files:
sudo nginx -t
If no problems were found, restart Nginx to enable your changes:
sudo systemctl restart nginx
Now visit your website at https://example.com to verify that it’s set up properly. You’ll see your home page displayed, and the browser will report that the site is secure.
You can also check this tutorial from our community which covers the same procedure but on slightly older Ubuntu version, however the method is still valid: https://www.digitalocean.com/community/tutorials/how-to-host-a-website-using-cloudflare-and-nginx-on-ubuntu-16-04
Hope this helps!
Let me know how it goes!
Regards,
Alex

by anondon
In this tutorial you will secure your website served by Nginx with an Origin CA certificate from Cloudflare and configure Nginx to use authenticated pull requests. The advantages of using this setup are that you benefit from Cloudflare's CDN and fast DNS resolution while ensuring that all connections pass through Cloudflare. This prevents any malicious requests from reaching your server.