Generate CSR for Nginx server

This is how to generate the .csr file, requirement for SSL certificate.

$ openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:domain.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Install SSL certificate

cat domain_com.crt > domain_chain.crt ; echo "" >> domain_chain.crt ; cat domain_com.ca-bundle >> domain_chain.crt

—–BEGIN RSA PRIVATE KEY—–
(Your Private Key: your_domain_name.key)
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate: your_domain_name.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate: DigiCertCA.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate: TrustedRoot.crt)
—–END CERTIFICATE—–

Renew ssl certificate let’s encrypt with nginx

When you hate to see your website has ssl invalid certificate and it crossed out like this:

That means you need to update ssl certificate, in this case I use let’s encrypt. I just want to get rid of the invalid ssl certificate logo that make your website looks very unprofessional 🙂

Navigate to path where you place let’s encrypt directory:

$ cd ~/letsencrypt
~/letsencrypt$ sudo ./certbot-auto renew

Finally, restart the nginx, This is using centos, so it’s gonna be like this:

$ sudo /etc/init.d/nginx restart

Done