NGINX – Easiest way to setup SSL using .pfx files

Table of contents
Reading Time: < 1 minute

I’ll try to explain the easiest way to use a .pfx file that can be used to install SSL on NGINX.

We’ll start by extracting the CRT file using openssl with the following command

openssl pkcs12 -in ./YOUR-PFX-FILE.pfx -clcerts -nokeys -out domain.crt

Followed by extracting the private key with the following command

openssl pkcs12 -in ./YOUR-PFX-FILE.pfx -nocerts -nodes -out domain.rsa

Other NGINX blogs you might find useful

  1. NGINX – Load Balancing your application made simple
  2. NGINX – Redirecting traffic between www and non-www domain
  3. NGINX – Redirecting HTTP to HTTPS
  4. NGINX – Restrict access to Geographical Locations using GeoIP module
  5. NGINX – Disable direct access (via http and https) to a website using IP address
  6. NGINX – Understanding and Setting up a reverse proxy server

Now we can proceed by setting up a most simple NGINX server using the following configurations

server {
 listen 443 ssl;
 ssl_certificate /path/to/your/CRT_file/domain.crt;
 ssl_certificate_key /path/to/your/RSA_file/domain.rsa;

 root /mnt/coming-soon/bushbeans;
 index index.html;
 include /etc/nginx/mime.types;

Voila! All done.


Written by 

Sidharth is a Lead Consultant, having experience of more than 4.5 years. He has started working on Scala and Clojure and is actively involved in other developmental work. He enjoys working in a team and believes that knowledge is something that should be shared openly and on a large scale. As an avid gamer and passionate player, he likes to be involved in both indoor and outdoor activities.

10 thoughts on “NGINX – Easiest way to setup SSL using .pfx files1 min read

Comments are closed.