Tutorial install Comodo SSL, SSL certificate from comodo free 90 days on VPS centos, Debian, Ubuntu. This way is not much different with how to create a SSL certificate self-signed in Nginx. Prior to listing on the Comodo Certificate should make Signing Request (CSR) first so that the process of registration free Comodo SSL fast.
Create a file a Certificate Signing Request (CSR)
connect via ssh command line, create a new folder, ssl example (replace according to taste)/etc/nginx//directories
mkdir /etc/nginx/ssl
Go into the newly created directory i.e. ssl
cd /etc/nginx/ssl
then copy and paste the following command:
openssl req -nodes -newkey rsa:2048 -keyout sshagan.net.key -out sshagan.net.csr
the above command will create two files, namely URsshagan.net.key and URsshagan.net.csr passing will generate the private key file of 2048 bits then continues with some questions to be answered in the Create Certificate Signing Request (CSR) is roughly the output like the following:
Generating a 2048 bit RSA private key ..................................+++ ..+++ writing new private key to 'sshagan.net.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:ID State or Province Name (full name) []:Jakarta Locality Name (eg, city) [Default City]:Jakarta Selatan Organization Name (eg, company) [Default Company Ltd]:sshagan.net Organizational Unit Name (eg, section) []:Sumatera Coffee Common Name (eg, your name or your server's hostname) []:sshagan.net Email Address []:info@sshagan.net Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
If to: A challenge password []: An optional company name []: directly enter
only. CSR file was successfully created, right. now see the csr file that has been created with the command cat:
cat sshagan.net.csr
The output is roughly like this:
-----BEGIN CERTIFICATE REQUEST----- MIIC5TCCAc0CAQAwgZ8xCzAJBgNVBAYTAjYyMRgwFgYDVQQIDA9MYW1wdW5nIFNl bGF0YW4xETAPBgNVBAcMCEthbGlhbmRhMRAwDgYDVQQKDAdCYWJ1bGFuMRgwFgYD VQQLDA9TdW1hdGVyYSBDb2ZmZWUxFTATBgNVBAMMDGJhYnVsYW5nLmNvbTEgMB4G CSqGSIb3DQEJARYRaW5mb0BiYWJ1bGFuZy5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCyYQwJC7wEE9c+lOVPEyNt4XlY65pjnQsNutM7qaLane+d IT2G0xBPhzlSl9esE2k6/2nze7iu9j3qJEdA7tI90k50l+17jD+CFkmSnKnNeX4s nbpUvP8tCJk0FkliIIgbLS//qbL/OT3+udgDP/mVu74C4gpDcCD2pXVMErkhe0Mh eDcX++VN8kGfnak3ATVWxsN3sKucDBKWtChluRE3ihdxTlwY3UJawQFe7rz/9+06 SboILbcjqg7M0VOGnobfVb+Y8UUV9AOLwmU7jb1SmI9gv7G+fkcS3ieylTR8ASbt P8BqS6Jg09qwx/EA+MgLJy9KqK9i7yUshwC+nGibAgMBAAGgADANBgkqhkiG9w0B AQUFAAOCAQEAGmImCb1JDtVkoDInO5E2bX3+F950Tdue6ZHraWykeKshWGrEWam/ F/Kd6hxuPwXjxbJyiN5qwcvvOElEijiWgoEZPqNDv8aXFqV5vvIpBTafTAsjm8b2 wMm2OmJh8YQnAGANOlY4nPuqNNX4rNJco7jx8eeePVwjEtHdfFh/3xN7VAqkF3HR cFPOn6/MxqTGb20Qe+iZrahteea93ddvhxb51V0tfaU0QbCyx7iynSwaxPtnQzXM iUvDno4/4y19MTKaku9/zX3nZ3+zPGjrYQNUtF5LTfT60twQtKUv7mjDNIwAW1j9 +1eAk2rxmnFKFGaAb67yKD6F9tvaLhX9Uw== -----END CERTIFICATE REQUEST-----
The selection and copy the contents of the csr will be dipaste on the registration field in Comodo SSL.
Submit the CSR
Next visit Comodo free SSL certificate at: URhttps://ssl.comodo.com/free-ssl-certificate.php
click button Free Trial SSL
1. Paste the CSR in the column
number one
2. in section = 2. Select the server software used to generate the CSR: Nginx
3. click Next
4. Next Domain Control Validation will be sent to the email you registered at the time of the domain registration. Please follow the instructions in the email
5. Please complete the contact form, the user and password
6. Click Next
Wait a few minutes until the certificate is issued, Comodo will send an Email with attachment files of SSL certificate options and also the Trust Logo to install.
How to Install SSL Certificate Comodo
Next incoming email? okay, check the attachment of the SSL certificate in the form of archive files. ZIP (got my name URbabulang_com.zip).
Upload the zip file to a directory/etc/nginx/ssl
Extract
unzip sshagan.net.zip
After the extracted files are normally there are 4 certificates. CRT, the name of the file is approximately as follows:
AddTrustExternalCARoot.crt
sshagan.net.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
Merge the content of the files. The CRT became one with the command cat (concatenate) with shell redirection (>).
cat AddTrustExternalCARoot.crt sshagan.net.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl-bundle.crt
Clear, the next edit config Nginx, add the following lines into config nginx
listen 443 ssl; server_name babulang.com; # referensi file certificate & private key ssl on; ssl_certificate /etc/nginx/ssl/ssl-bundle.crt; ssl_certificate_key /etc/nginx/ssl/sshagan.net.key;
Reload nginx
nginx -s reload
Check HTTPS
process that is fair to make tired, it’s time to see results, check the connection protocol https.
Open your favorite browser, try to visit your website with the https://prefix if there’s Green corner Castafiore icon address bar sign success installing Comodo SSL certificate.
