Upload the applied SSL certificate file to the server: Upload the certificate file (usually with the extension. Pem or. Crt) to the specified directory of the server, such as /etc/nginx/ssl.
Configure Nginx virtual host: Open the configuration file of Nginx, usually located in /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf, and find the virtual host configuration block that needs to enable HTTPS.
Add SSL certificate configuration: add the following configuration items in the virtual host configuration block to enable SSL certificates:
Server {
Monitor 443 ssl
server _ name your _ domain.com
SSL _ certificate/etc/nginx/SSL/your _ cert . CRT;
SSL _ certificate _ key/etc/nginx/SSL/your _ private _ key . key;
# Optional: To enhance security, you can add the following configuration items.
SSL _ protocols tlsv 1.2 tlsv 1.3;
ssl _ prefer _ server _ ciphers on
SSL _ ciphers“EECDH+AES GCM:EDH+AES GCM:AES 256+EECDH:AES 256+EDH”;
Location/{
# Configure agents or other related business logic
}
# Other virtual host configurations ...
}
Pay attention to replace your_domain.com, your_cert.crt and your_private_key.key with the actual domain name, certificate file and private key file path.
Save the configuration file and restart Nginx: After the configuration is completed, save the file and reload or restart the Nginx service for the configuration to take effect.
Sudo system ctl reloads nginx.
or
Sudo systemctl restarts nginx.
Configure a firewall: If a firewall is enabled on the server, ensure that inbound/outbound HTTPS traffic is allowed to pass through the firewall.