Nov 20th, 2017
Setting up an SSL Cert from Comodo

I use Namecheap.com as a registrar, and they resell SSL Certs from a number of other companies, including Comodo.

These are the steps I went through to set up an SSL cert.

Purchase the cert

Prior to purchasing a cert, you need to generate a private key, and a CSR file (Certificate Signing Request). You'll be asked for the content of the CSR file when ordering the certificate.

    openssl req -new -newkey rsa:2048 -nodes -keyout example_com.key -out example_com.csr

This gives you two files:

example_com.key -- your Private key. You'll need this later to configure nginx.
example_com.csr -- Your CSR file.

Now, purchase the certificate [1], follow the steps on their site, and you should soon get an email with your PositiveSSL Certificate. It contains a zip file with the following:

Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODORSAAddTrustCA.crt
Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
Your PositiveSSL Certificate - www_example_com.crt (or the subdomain you gave them)

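Steps

1. Concatenate the certificates into one bundle, with your own certificate first, followed by the intermediates and the root:

    cat www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt

2. Move the bundle into the nginx SSL directory:

    mkdir -p /etc/nginx/ssl/example_com/
    mv ssl-bundle.crt /etc/nginx/ssl/example_com/

3. Move the private key there as well:

    mv example_com.key /etc/nginx/ssl/example_com/

4. Point nginx at the bundle and the key:

    server {
        # "listen 443 ssl;" replaces the separate "ssl on;" directive,
        # which is deprecated since nginx 1.15.0 and removed in 1.25.1
        listen 443 ssl;

        ssl_certificate /etc/nginx/ssl/example_com/ssl-bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/example_com/example_com.key;

        # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
        # TLSv1 and TLSv1.1 have since been deprecated (RFC 8996); drop them if all clients support TLSv1.2
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        # ...

    }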
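
An added check, not part of the original paste: before reloading nginx, confirm that the private key, the CSR and the first certificate in ssl-bundle.crt all carry the same public key, and that the key file is accessible only to its owner. The function names and the sample files (a self-signed certificate standing in for the CA-issued one, leaf.crt, ca.crt, misordered.crt) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original paste. All file names are constructed.

# SHA-256 of the public key inside a private key, CSR or certificate.
# For a bundle, openssl x509 reads only the first certificate in the file.
pubkey_digest() (  # usage: pubkey_digest key|csr|cert FILE
  case "$1" in
    key)  pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
    csr)  pub=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) ;;
    cert) pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
    *)    pub= ;;
  esac
  [ -n "$pub" ] || return 1   # unreadable file or wrong type
  printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
)

# Returns 0 only if KEY matches the first cert in BUNDLE and KEY is owner-only.
check_deploy_pair() {  # usage: check_deploy_pair KEY BUNDLE
  k=$(pubkey_digest key "$1")  || { echo "cannot read key $1"; return 2; }
  c=$(pubkey_digest cert "$2") || { echo "cannot read certificate $2"; return 2; }
  [ "$k" = "$c" ] || { echo "key does not match first cert in $2"; return 1; }
  [ "$(ls -ldL "$1" | cut -c5-10)" = "------" ] ||
    { echo "key $1 is accessible to group/others"; return 3; }
  echo "ok: $1 matches $2"
}

# Build constructed stand-ins in DIR: the page's CSR command, a self-signed
# leaf in place of the CA-issued cert, and a second cert playing a CA.
make_samples() {  # usage: make_samples DIR
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=www.example.com" \
    -keyout "$1/example_com.key" -out "$1/example_com.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/example_com.csr" -signkey "$1/example_com.key" \
    -days 1 -out "$1/leaf.crt" 2>/dev/null &&
  openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=Constructed CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" -days 1 2>/dev/null &&
  cat "$1/leaf.crt" "$1/ca.crt" > "$1/ssl-bundle.crt" &&
  cat "$1/ca.crt" "$1/leaf.crt" > "$1/misordered.crt" &&
  chmod 600 "$1/example_com.key"
}

demo() (
  d=$(mktemp -d) && make_samples "$d" || exit 1
  rc=0; check_deploy_pair "$d/example_com.key" "$d/ssl-bundle.crt" || rc=$?
  check_deploy_pair "$d/example_com.key" "$d/misordered.crt" || :  # reports mismatch
  rm -rf "$d"; exit "$rc"
)
demo
```

On the real files, run check_deploy_pair against /etc/nginx/ssl/example_com/example_com.key and /etc/nginx/ssl/example_com/ssl-bundle.crt; a mismatch there usually means the bundle was concatenated in the wrong order or the certificate was issued for a different CSR.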