Apply all necessary steps from R Consulting Appliances Installation, Initial configuration and respective role checklists first.
Create a PEM certificate nginx
can use. Having a certificate file (usually .crt
), certificate authority bundle (usually .pem
or .ca.pem
) and a password-unprotected private key (usually .key
file), concatenate them with the following command:
$ cat cert.crt ca-bundle.pem private.key > host.domain.tld.pem
Copy certificate to /usr/local/etc/nginx
.
Create /usr/local/etc/nginx/local.conf.ssl.conf
with the following contents:
ssl_certificate host.domain.tld.pem;
ssl_certificate_key host.domain.tld.pem;
Create /usr/local/etc/nginx/rcons.public.ssl.conf
with the following contents:
listen 443 ssl;
server_name host.domain.tld;
Test configuration with nginx -t
and fix any issues found. Use nginx -tT | less
to display post-processed, albeit not in-order, configuration.
Apply new configuration with service nginx restart
.
.pfx
fileKeep password close then run
openssl pkcs12 -in file.pfx -clcerts -nokeys -out host.domain.tld.crt
openssl pkcs12 -in file.pfx -nocerts -nodes -out host.domain.tld.key
.pfx
fileopenssl pkcs12 -export -out file.pfx -inkey fqdn.key -in fqdn.crt -certfile ca-bundle.pem
openssl x509 -noout -text -in file.pem | grep 'Subject:\|Not Before:\|Not After :'