Nginx/Apache deploys NameCheap SSL certificate to implement HTTPS address method

Following the article "Namecheap SSL Certificate (PositiveSSL) Activation and Nginx Environment SSL Acquisition", Snail has shared how to experience and practice how to activate and install the PositiveSSL purchased cheaply on Black Friday into the website. Although the current HTTPS address does not support the Chinese environment very well, it will be a trend in the future, so technical learning and organization can be reserved for future use.

Because the time and energy in the previous article were limited and I did not compile and record them all, I took some time during the New Year's Day holiday to deploy the obtained SSL certificate to the website. Slightly different from the WoSign SSL certificate is that Nginx and The Apache environment uses a common set of certificate files, so we can deploy the certificate file obtained from Namecheap to Nginx and Apache website environments.

The above is the certificate file we obtained from the official Namecheap. It is different from the one used by NC. The certificate file has been merged into two files. Those who have played with it before should know that 4 files are still needed. We merged ourselves and it’s much easier now.

First, preparations for deploying Namecheap SSL certificate

Whether we deploy the SSL certificate to the Nginx environment or the Apache environment, we must first copy the laozuo.csr and laozuo.key files generated in the server to the local area.

Secondly, we also need to decompress the compressed package file downloaded from NC, decompress both files and put the above two files together. Although it is not necessary to use them all, at least they are backed up together for later use. When it arrives, upload it to the designated directory. We will customize the names laozuo_org.ca-bundle and laozuo_org.crt here. We define the names ourselves. We are afraid of confusion later, so don’t name them randomly.

Second, deploy SSL in Nginx environment

1. Upload the laozuo.key and laozuo_org.crt files to the /usr/local/nginx/conf/ directory.

2. Configuration .conf file

/usr/local/nginx/conf/vhost/

In the above directory, we need to modify the configuration of the .conf file corresponding to the SSL certificate site

In the configuration file, we can see that the annotation part was added by me, and then the update file will take effect after restarting NGINX, and all the original HTTP will be redirected to the HTTPS address. Of course, this is just a simple configuration. Snail has seen a lot of tutorials and there are many parameters that can be set, such as cache time, etc. I will study this later. If you have friends who know it, you can give me some advice.

3. Restart nginx to take effect

Third, deploy SSL certificate in Apache environment

Looking through previous blog posts, Snail has written about deploying SSL certificates in the Apache environment in "LAMP (Apache) environment to deploy and install SSL security certificates and HTTPS encrypted websites". The method is somewhat similar. of. In this environment Snail is in Apache 2.2 environment, version 2.4 may be different.

1. Ensure SSL module deployment

yum install opensslyum install mod_ssl

Regardless of whether it is deployed in our environment or not, we still redeploy it ourselves.

2. Check and start the SSL module

In our environment, it is the ssl.conf file in the /etc/httpd/conf.d/ directory. Snail opens it with the Submlime editor.

Check the LoadModule ssl_module modules/mod_ssl.so line, and then if you see # in front, remove it and start it. If it has been removed, ignore it.

3. Edit and deploy SSL

Similarly in the ssl.conf file, edit the lines below the location

DocumentRoot \\”/var/www/laozuo.org/public_html/\\”ServerName laozuo.org:443SSLEngine onSSLCertificateFile /root/laozuo.org.crtSSLCertificateKeyFile /root/laozuo.keySSLCertificateChainFile /root/laozuo_root_bundle.crt

What needs to be noted here is the 3 file paths that need to be uploaded. Where we upload them, the URL will be used.

4. Restart apache

service httpd restart

Fourth, Namecheap SSL certificate deployment summary

Whether we use paid or free SSL certificates, the general process is actually the same. Just deploy the obtained certificate file to the corresponding path of the corresponding environment and connect it. Of course, some details and information are also included. It's a bit messy. Let's test it with a practical site later.

For example, I saw some caching times and some parameters that I didn’t understand very well. They were not added during the above deployment. I will use them on an actual website later to see the corresponding effects. If you have friends who are more proficient in using HTTPS, you can let them know or contact Snail. Snail would like to ask a few questions.

Recommended site search: free domain name, domain name registration application, free http proxy ip, website registration information, server rental US high defense, Hong Kong cloud host, Hong Kong vps host, website virtual host, Hong Kong vps host rental, domain name registration service ,