Create and attach ssl certificate

• Make directory for the certificate

  sudo mkdir /etc/httpd/ssl
  cd /etc/httpd/ssl
  

• Create a server key and Certificate Signing Request

  • Creating the private server key

    sudo openssl genrsa -des3 -out server.key 1024

  Note:- you will be asked to enter a specific passphrase. Be sure to note this phrase carefully

  • creating a certificate signing request:

    sudo openssl req -new -key server.key -out server.csr

"Common Name" :- Enter your official domain name here or, if you don't have one yet, your site's IP address.

• Remove the passphrase

  sudo cp server.key server.tmp
  sudo openssl rsa -in server.tmp -out server.key
  

  Note:- In the event that nginx crashes or needs to reboot, you will always have to re-enter your passphrase to get your entire web server back online. So to avoid it remove the passphrase

• Sign you ssl certificate

  sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt