Question

How may I config SSL Certificate on nginx/1.25.2 in my Windows Server 2022?

Hi, I hope all is well

I have nginx/1.25.2 in my Windows server 2022 on my Drive Z. I wanted to install my domain SSL on it! But I couldn’t!

Can any body help me step by step, please?

I am waiting for your reply

Thank You


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

alexdo
Site Moderator
Site Moderator badge
October 12, 2023

Heya,

In addition to what’s has been already mentioned, you can check this article on Microsoft’s documentation on how to install SSL as well.

https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/install-imported-certificates

Regards

KFSys
Site Moderator
Site Moderator badge
October 6, 2023

Heya @alinejadbahram,

Setting up SSL on Nginx, even on Windows, follows a somewhat similar procedure as on Linux. Here’s a step-by-step guide to help you set up SSL for your domain on Nginx running on your Windows Server:

  1. Obtain SSL Certificate for Your Domain:

    • I’ll skip this line as I assume you already have an SSL.
  2. Place the Certificates in an Accessible Directory:

    • Once you’ve got your certificates (typically fullchain.pem and privkey.pem or their .crt and .key equivalents), place them in a directory on your server, for instance, Z:\nginx\ssl\.
  3. Update Your Nginx Configuration:

    • Open your your domain’s Nginx configuration file…
    • Inside the server block for your domain, add the following:
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;

ssl_certificate Z:/nginx/ssl/fullchain.pem;
ssl_certificate_key Z:/nginx/ssl/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';

# Other configurations...

Replace yourdomain.com with your actual domain name and adjust the paths to point to where you’ve placed your SSL certificates. 4. Redirect HTTP to HTTPS (Optional): If you want to force redirect all HTTP traffic to HTTPS, you can add another server block like this:

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;
    return 301 https://$host$request_uri;
}
  1. Test Configuration and Reload:
  • Before applying changes, it’s always a good idea to test your Nginx configuration for syntax errors:
nginx -t
nginx -s reload

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel