nginx ssl pfx – Brakertech

This article will explain what to do with nginx ssl pfx.

First get the pfx file to your server. In this example we will be using a directory called “ssl” off of the nginx root (where nginx.conf is located).

From within the ssl folder, export the certificate:

openssl pkcs12 -in star.yourdomain.com.pfx -nokeys -out star.yourdomain.com.pem

Export the private key:

openssl pkcs12 -in star.yourdomain.com.pfx -out star.yourdomain.com.key -nocerts -nodes

in the server portion of your config (for 443) add this:

  ssl on;
  ssl_certificate ssl/star.yourdomain.com.pem;
  ssl_certificate_key ssl/star.yourdomain.com.key;
  ssl_session_timeout 5m;
  ssl_protocols SSLv3 TLSv1;
  ssl_ciphers HIGH:!ADH:!MD5;
  ssl_prefer_server_ciphers on;

Final configuration:

  server {
        server_name some-subdomain.yourdomain.com;
        listen 443;
        root /data/www/yourdomain;
        ssl                  on;
        ssl_certificate ssl/star.yourdomain.com.pem;
        ssl_certificate_key ssl/star.yourdomain.com.key;
        ssl_session_timeout  5m;
        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
}

Brakertech

Leave a Reply Cancel reply