I like to organize my SSL certs inside my web server folder for easy access and organization. I also like to create sub-folders for each domain and name each certificate with its corresponding domain name (example: /etc/nginx/ssl/domain.com/domain.com.crt). You can organize and name your certs in any way you see fit.
*I assume you are logged in as root.
*Replace NAME with your host/domain name. Don’t forget the NGINX config as well!
apt-get install -y openssl
Create SSL directories
mkdir /etc/nginx/ssl mkdir /etc/nginx/ssl/NAME cd /etc/nginx/ssl/NAME
openssl genrsa -out "/etc/nginx/ssl/NAME/NAME.key" 2048
Create SSL request
openssl req -new -key "/etc/nginx/ssl/NAME/NAME.key" -out "/etc/nginx/ssl/NAME/NAME.csr"
Validate SSL request and create SSL certificate
openssl x509 -req -days 1825 \ -in "/etc/nginx/ssl/NAME/NAME.csr" \ -signkey "/etc/nginx/ssl/NAME/NAME.key" \ -out "/etc/nginx/ssl/NAME/NAME.crt"
Add to NGINX host config
listen 443 ssl; ssl_certificate /etc/nginx/ssl/NAME/NAME.crt; ssl_certificate_key /etc/nginx/ssl/NAME/NAME.key;
Or just use my config. It also includes a non-https redirect, just replace NAME with your host name. (VIEW CONFIG HERE).
wget --no-check-certificate -O /etc/nginx/sites-available/rutorrent-hostip-ssl https://raw.githubusercontent.com/internetbear/library/master/nginx/site-available/hostip-ssl