How to install COMODO SSL Certificates for NGINX 



DO ALL THINGS ON LIVE NOT ON LOCAL SERVER


Setting up a SSL Cert from Comodo
=================================

Step 1: Create new example key and CSR files  


openssl req -new -newkey rsa:2048 -nodes -keyout example_com.key -out example_com.csr


 


This gives you two files:

* ``example_com.key`` -- your Private key. You'll need this later to configure ngxinx.
* ``example_com.csr`` -- Your CSR file.

Now, purchase the certificate [1]_, follow the steps on their site, and you should soon get an 
email with your *PositiveSSL Certificate*. It contains a zip file with the following:

* Root CA Certificate - `AddTrustExternalCARoot.crt`
* Intermediate CA Certificate - `COMODORSAAddTrustCA.crt`
* Intermediate CA Certificate - `COMODORSADomainValidationSecureServerCA.crt`
* Your PositiveSSL Certificate - `www_example_com.crt` (or the subdomain you gave them)




DO ALL THINGS ON LIVE NOT ON LOCAL SERVER


Step 2: Go To orders, and Click on order detail and then re issuing the certificate


If no option is coming then contact live chat support and then submit the CSR FILE TO THEM.


Upload the generated CSR File and use CNAME as authenticate options




Go to hosting providers panel to add the CNAME


CNAME Will  provided by the chat support








DO ALL THINGS ON LIVE NOT ON LOCAL SERVER



Step 3: 




Install the Commodo SSL cert
----------------------------
f
Combine everything for nginx [2]_:

1. Combine the above crt files into a bundle (the order matters, here)::

    cat www_site_name_com.crt COMODORSADomainValidationSecureServerCA.crt  COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt



UPdated  FILES


1.AddTrustExternalCARoot.crt  


2. My_CA_Bundle.ca-bundle


3.   SectigoRSADomainValidationSecureServerCA.crt  


4. USERTrustRSAAddTrustCA.crt  


5.  www_specialneighborhood_com.crt



UPdated command


 cat www_site_name_com.crt SectigoRSADomainValidationSecureServerCA.crt   USERTrustRSAAddTrustCA.crt   AddTrustExternalCARoot.crt > ssl-bundle.crt


DO ALL THINGS ON LIVE NOT ON LOCAL SERVER




2. Store the bundle wherever nginx expects to find it::

    mkdir -p /etc/nginx/ssl/example_com/
    mv ssl-bundle.crt /etc/nginx/ssl/example_com/

3. Ensure your private key is somewhere nginx can read it, as well.::

    mv example_com.key /etc/nginx/ssl/example_com/

4. Make sure your nginx config points to the right cert file and to the private
   key you generated earlier::

    server {
        listen 443;

        ssl on;
        ssl_certificate /etc/nginx/ssl/example_com/ssl-bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/example_com/example_com.key;

        # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        # ...

    }

6. Restart nginx.



DO ALL THINGS ON LIVE NOT ON LOCAL SERVER




































Comments









  1. TechnosmartJune 9, 2021 at 2:39 AM
    Looking for Norton Support visit our website or reffer our blog for Norton Antivirus trouble shooting "norton help number uk  norton antivirus sign in sonar advanced protection
    "
    ReplyDelete











Post a Comment























Popular posts from this blog









Setting up Orthanc server on Ubuntu 16 





















   Setting up Orthanc server on Ubuntu 16.    # How to compile, install and run newest version of Orthanc DICOM server  # from Github source in Ubuntu 16.04 LTS  cd  sudo apt-get update  sudo apt-get install build-essential unzip cmake mercurial uuid-dev libcurl4-openssl-dev liblua5.1-0-dev libgtest-dev libpng-dev libsqlite3-dev libssl-dev libjpeg-dev zlib1g-dev libdcmtk2-dev libboost-all-dev libwrap0-dev libcharls-dev libjsoncpp-dev libpugixml-dev doxygen qupzilla  sudo rm -rf Orthanc*  sudo apt-get purge orthanc  git clone https://github.com/jodogne/OrthancMirror.git  mkdir ~/OrthancBuild  cd ~/OrthancBuild/  cmake -DSTATIC_BUILD=ON -DCMAKE_BUILD_TYPE=Release ~/OrthancMirror/  sudo make  sudo make doc  ./Orthanc --version  ./Orthanc &  qupzilla http://localhost:8042/app/explorer.html  # press ESC key twice to ignore warning messages about Mozilla Firefox  # when using the file upload function      Original Post AT:     https://mark911.wordpress.com/2016/07/13/how-to-compile-i...








Read more










HTML




















Image







            Skip to main content                       LOG IN  SIGN UP                        PDF           WEB-BASED SURVEY MANAGEMENT SYSTEM (W-SMS): USEFULNESS AND EASE OF USE     Proceedings of Regional …, 2010       M. Abd Wahab      Download with Google Download with Facebook or  download with email                WEB-BASED SURVEY MANAGEMENT SYSTEM (W-SMS): USEFULNESS AND EASE OF USE    DOWNLOAD                                  Proceedings  of  Regional  Conference  on  Knowledge  Integration  in  ICT  2010  445   WEB-BASED SURVEY MANAGEMENT SYSTEM (W -SMS): USEFULNESS AND EASE OF USE   Suleiman Yafao Elhejaj, Ariffin Abdul Mutalib, *Mohd Helmy Abd Wahab.   Universiti Utara Malaysia 06010 Sintok, Kedah suliman_alhegag@yahoo.com * Universiti Tun Hussein Onn Malaysia (UTHM) 86400 Batu Pahat, Johor   Abstract   This pap er discusses  an ongoing p roject.  The aim  of the project is to dev elop an in-...








Read more