Security plays huge role in cyber world and SSL installation process requires deep concentration. Installation depends on the type of server. The SSL Certificate is a type of text file with encoded data that will be used by your server once the certificate is installed. In below article, we have highlighted installation process of Thawte SSL123 on Nginx server that requires careful attention. Before installing the certificate, it is advisable to store your .crt file at safe place in case of any server fault you can easily re-secure your server.
Thawte SSL123 Installation on nginx (engine-x) server becomes more crucial when you are doing this task first time. Here we received one query from our reader who tried to install Thawte SSL123 on their nginx server.
Today when we were installing Thawte SSL123 certificate on our nginx server, we came across “Unknown Issuer” error! Can you please guide us on how to install this SSL on nginx server?
Answer by one of our blog reader:
We often come across such installation error when client web server does not response on certificate validation and shows an error of ‘unknown issuer’. Here is the best method that I used on my nginx server for enabling Thawte SSL 123 certificate.
Installing SSL123 certificate on Nginx Server:
- To create a CSR key on Nginx server, you need to create a directory where the certificate and keys will be stored.
- After creating directory, you need to generate 2048-bit private key using Openssl command.
- Now, your CSR is created and you will be asked details like common name, locality, email address, state name etc.
- Your CSR key will look like as under, embedded with “Begin Certificate Signing Request – End Certificate Signing Request”.
- Download Thawte SSL123 certificate from Thawte or their authorized resellers like us.
- Download primary and intermediate certificates (Due to change in RSA key it is necessary to download these certificates).
- Now combine all three certificates including SSL certificate, Primary and intermediate certificate in a single file.
- Now add ssl_verify_depth 3 to your configuration file and restart nginx server.
Your configuration file will look like the following:
ssl_certificate /path/to/certificate.bundle.cert; ssl_certificate_key /path/to/private.key; ssl_verify_depth 3;
Finally, your certificate installation is complete and your browser verifies it as a legitimate SSL certificate. Even you can check SSL installation on various tools available online. In case if you only need to set up intermediate certificate, you can use this method but change the number of certificate in ssl_verify_depth.
You can find detailed instruction on installing SSL certificate on your nginx server here at their official documentation.