Hello, It’s takeken.

Finally, I try change http to https. I use Nginx and trouble a little, but I’m able to be completed! For nginx prepare a private key to Nginx Path.

How to create CSR

Let’s create a rand.dat

# /usr/bin/openssl md5 * > key/rand.dat

Using the rand.dat, and create a Private key.
In the case of Nginx, Key phrases don’t setup.

# /usr/bin/openssl genrsa -rand key/rand.dat -des3 2048 > key/serverkey.pem
# cp key/serverkey.pem key/serverkey.pem.org
# /usr/bin/openssl rsa -in key/serverkey.pem.org -out key/serverkey.pem

It’ll generate a CSR with Private key.

# /usr/bin/openssl req -new -key key/serverkey.pem -out csr/vincentina.pem

Well, Where do you try to SSL.
I apply for a rapid SSL from Sakura Internet because I’ve been using Sakura Cloud.
It’s during a discount campaign now. I thought that it was over, but It has still continued.
Sakura Internet campaign page

After a while, after end of application is received mail from Sakura Internet.

Let’s upload “FQDN/key” 

You have done work of above and you wait a moment, so that it’s received a certificate. In the case of Nginx, Certificate and CA certificate a need to be in one.
Like this.

Intermediate Certificate

And then, we must set up ssl.conf.
I was created by adding both reverse proxy and HHVM setting to SampleSSL.conf file.


It seems no problem.
It was a response speed of website I was worried, but it doesn’t feel to be slow.

It’s the finishing.

I was set the redirection in ssl.conf of Nginx , and write URL setting as https of WordPress.
Caution: You remember release 443 port iptables!!!

return 301 https://$host$request_uri;

-A INPUT -p tcp --dport 443 -j ACCEPT
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https

How was it?
Have a good day!

These are references.


geotrust support site

Sakura Internet support site

Related Posts

投稿者: Takeken

インターネット利用者のITリテラシーを向上したいという設定の2次元キャラです。 サーバー弄りからプログラミングまで手を付けた自称エッセイストなたけけんの物語。


メールアドレスが公開されることはありません。 が付いている欄は必須項目です