Install nginx apt install nginx systemctl reload nginx.service sudo systemctl enable nginx sudo systemctl start nginx sudo systemctl status nginx sudo nginx -s reload SSL Certificate In previous exercise, we can generate a self signed or Let’s encrypt certificate; or we could convert it from a PFX cert. After this step, a certificate (server.crt) and certificate key (server.key) should be generated # Extract encryped private key openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.
A SSL cetificate enables an encrypted connection between client and server. In this exercise, will try to generate self signed certificate and a Let’s encrypt certificate with acme.sh. Self signed cert using OpenSSL mkdir -p /etc/nginx/certificates cd /etc/nginx/certificates # Generate a private key for the CA openssl genrsa 2048 > ca-key.pem # Generate the X509 certificate for the CA openssl req -new -x509 -nodes -days 365000 \ -key ca-key.pem -out ca-cert.