A pfx file has been sent to active ssl on nginx. So what can i do to active certificate on nginx. Let’s look closer what steps will be done?
First of all, we have to create encrypted key file and crt file. Follwing code block shows us how encrypted key file can be created.
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
Second, we are creating crt file via following code.
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
Third step is creating ca certificate via following code
openssl pkcs12 -in certfile.pfx -cacerts -out bundle.crt
Now we have created cl and ca crt file so we can use it on nginx. We will concat those files.
cat [certificate.crt] [bundle.crt] > [domain.tld.chained.crt]
One more step is be done. We have created encyrpted key file before. Afterwards we will decrypt it via following code.
openssl rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]
Finally, we will use key and crt files in nginx configuration.
server {
listen 80;
listen 443 ssl;
server_name [your-domain-name];
ssl_certificate [domain.tld.chained.crt];
ssl_certificate_key [keyfile-decrypted.key];
}
All we have to do ise restart nginx and start using new certificate. Thanks for reading. If you have any questions, please don’t hesitate to ask.
Source: https://xy2z.io/posts/2020-pfx-certificates-nginx-apache2/
Leave a Reply