How to add SSL certificate provided by GoDaddy to a website running on Nginx?



This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The main benefit of using a purchased SSL certificate from a trusted CA, over self-signed certificates, is that your site’s visitors will not be presented with a scary warning about not being able to verify your site’s identity.


  • GoDaddy

   GoDaddy is the worlds largest and trusted domain registrar. GoDaddy is a popular CA, and has all of the basic certificate types.


Certificate Types

There are 3 types of SSL Certificate available.  Here is a short description of each type:

  • Single Domain: Used for a single domain, e.g. Note that additional subdomains, such as, are not included
  • Wildcard: Used for a domain and any of its subdomains. For eg, a wildcard certificate for * can also be used for and
  • Multiple Domain: Known as a SAN or UC certificate, these can be used with multiple domains and subdomains that are added to the Subject Alternative Name field. For test, a single multi-domain certificate could be used with,, and

Our website name is



Registered Domain Name

Before acquiring an SSL certificate, you must own or control the registered domain name that you wish to use the certificate with. If you do not already have a registered domain name, you may register one with one of the many domain name registrars out there (e.g. Namecheap, GoDaddy, etc.).

Web Server

you will need a web server to install the SSL certificate on. This is the server that is reachable at the domain name for which the SSL certificate will be issued for. this may  be an Apache HTTP, Nginx server. If you need help setting up a web server Please click the link to

1. Set up a web server of your choice. For test, a LEMP (Nginx) or LAMP (Apache) server–be sure to configure the web server .


Generate a CSR and private Key


To generate a certificate signing request (CSR) we can use the following command

Replace the with your relevant Domain name to create and

Openssl req -newkey rsa:2048 -nodes -keyout -out

It will ask for Details regarding CountryName, State etc.,  Please enter Your details.

This will generate 2 files (.key and .csr)

Go to GoDaddy’s SSL certificate page:

And register for the ssl certificate by giving the generate .csr file which we created.

Next download the ssl certificte from godaddy , Click on activate now

you’ll be asked to select the server type select nginx and download the Zip file.

Once the zip is extracted you should get 2 files one will be 1235454xxxx.crt and another will look like gd.bundle-g2-1.crt

Rename the 1st file that is 123xx.crt to you domainame.crt ( and gd.bundle-g2-1.crt as ( intermediate.crt)

Assume the following extracted keys are in /etc/nginx/ssl directory

  • 1 . The private key called as
  1. The SSL certificate called as and

  2. The CA intemediate certificate called as intermediate.crt

  3. using this we will configure and add SSL certificate in Nginx Config file

Execute the following command to combine 2 keys into one as new.test.crt

cat intermediate.crt> new.test.crt

Now goto Nginx Config File

cd /etc/nginx/sites-enabled 

Assuming you want to add ssl certiicate to your default.conf( in your case it will be (domainname.conf) or you can create one

sudo vi default.conf

Find and modify the ssl line it should look like this

listen 443 ssl;

Then find the servername column and (replace the highlighted path and name with your own details).

ssl_certificate /etc/nginx/ssl/new.test.crt ssl_certificate_key /etc/nginx/ssl/

If you want HTTP traffic to redirect to HTTPS, you can add this additional server block at the top of the file (replace the highlighted parts with your own information):

server {
   Listen 80 ;
   rewrite ^/(.*)$1 permanent;

then save and quit (:wq!)

use the following cmd to check configurations and restart the nginx service

sudo nginx -T
sudo service nginx restart


Clear the Cache memory from you browser and type
you should see encryption sign for you website and try accessing website with it should automatically redirect your website to https;//

😎 😎 😎