StartCom, the Start of eCommerce.
Only US$199.90

NGINX Server1

(Thanks to Ingmar Steen for the instructions)

First, use the StartSSL™ Control Panel to create a private key and certificate and transfer them to your server. Then execute the following steps (if you use a class 2 certificate replace class1 by class2 in the instructions below):
  • Decrypt the private key by using the password you entered when you created your key:
openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key

Alternatively you can also use the Tool Box decryption tool of your StartSSL™ account.
  • Protect your key from prying eyes:
chmod 600 /etc/nginx/conf/ssl.key
  • Fetch the Root CA and Class 1 Intermediate Server CA certificates:
  • Create a unified certificate from your certificate and the CA certificates:
cat ssl.crt > /etc/nginx/conf/ssl-unified.crt
  • Configure your nginx server to use the new key and certificate (in the global settings or a server section):
ssl on;
ssl_certificate /etc/nginx/conf/ssl-unified.crt;
ssl_certificate_key /etc/nginx/conf/ssl.key;

  • Tell nginx to reload its configuration:
killall -HUP nginx