DigitalOcean Server Par Godaddy SSL Certificate Install Kaise Kare

Is article me aapko DigitalOcean server (Ubuntu nginx server) par godaddy ssl certificate install karne ke bare me step by step with example hindi jankari milegi. How to Install Godaddy SSL with Nginx on Ubuntu 18.04 version – Digital Ocean Server in Hindi.

Aap is guide se Ubuntu 18.04, 16.04, 14.04 version par godaddy ssl certificate installation setup kar sakte hai, lekin aapko ubuntu version ke hisab se command use karni hogi.

Godaddy three type ke SSL certifcicates provide karta hai.

• Protect one website
• Protect multiple websites
• Protect all subdomains

Is tutorial me hum first type yani one domain website ko protect karne wale ssl certificate ko setup karne ke bare me janenge, kyuki website or blogs ko secure karne ke liye sabse jyada isi ka istemal hota hai.

Ubuntu Nginx Server Par Godaddy SSL Certificate Kaise Install Kare?

Sabse pahle aap apne server par LEMP stack install kar le hum yaha nginx ubuntu server par self signed custom ssl install karne ke bare me bta rahe hai.

1. Server Setting for SSL

Sabse pahle aapko nginx configuration file me server name me apna domain example.com and www.example.com name add karna hai taki ssl www aur without www pa work kare.

Nginx configure file ko open karne ke liye ye command use kare.

$sudo nano /etc/nginx/sites-available/default

Ab server block me server_name ko niche diye example ki tarah set karna hai. Baki aur koi bhi changes karne ki jarurat nahi hai.

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }
}

Ab humne agar koi galti to nahi ki hai wo check karne ke liye ye command use kare.

$sudo nginx -t

Agar koi bhi error show hota hai to wapis above step ko follow kar file ko open kar sahi se configure kare or ek bar fir error check kare, uske bad Nginx server ko restart karna hoga jiske liye ye command  use kare.

$sudo systemctl reload nginx

2. Generate a CSR and Private Key

Godaddy se ssl certificate download karne ke liye hume private key aur CSR (certificate signing request) file generate karne ki jarurat hoti hai.

Hum apne server se hi private key generate karke taki future me agar humse private key lost bhi ho jaye to hum server se recover kar sake.

Lekin usse pahle hum usse pahle server par ek folder create karenge jaha hume all certificates files save karni hai.

$mkdir /etc/nginx/ssl
$cd /etc/nginx/ssl

Uske baad hume isi folder me private key generate karni hai. Private key ko example.com.key aur CSR ko example.com.csr name dena hai. (example.com ko apne domain se replace kar lena hai.)

$openssl req -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr

Is prompt me aapse kuch information puchi jayegi jo certificate request me add hoti hai. Isme sabse important common name field hai, jisme aapko apna domain name add karna hai. (for example:- example.com)

Yaha main example ke sath samajha deta hu.

Country Name (2 letter code) [IN]: IN
State or Province Name (full name) [Some-State]: Rajasthan
Locality Name (eg, city) []: Alwar
Organization Name (eg, company)Your company name
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:admin@example.com

Is command se two files generate hongi.

• example.com.key
• example.com.csr

Ab aap godaddy se apna certificate download kar sakte ho. Uske liye aapko CSR file ki jarurat hogi. Apni CSR file print karne ke liye ye command run kare.

$cat example.com.csr

CSR code copy kare aur godaddy site par ja kar csr paste kar certificate generate kare.

3. Download Certificate from Godaddy

Jab godaddy ssl certificate generate process complete ho jayega to aapki mail id par ek confirm mail aayega. Usme diye link par click karke ssl certificate download karna hai.

Server type drop down me Apache choose kar ZIP file download kare. Isme do .crt file honi chahiye. Zip file ko extract kare.

• SSL Certificate with random name (example: 87fhs5pgu690us.crt)
• Godaddy Intermediate Certificate Bundle (gk_bundleg2-g1.crt)

First wale ko example.com.crt aur second wale yani ssl bundle ko intermediate.crt name se rename karna hai.

Ab aapka SSL certificate web server par install karne ke liye ready hai.

4. Install SSL Certificate on Web Server

Sabse pahle hume via ftp certificate aur bundle ko ssl wale folder me upload karna hai jo humne starting me banaya tha. Aap filezilla ya cyberduk se ssl files upload kar sakte hai.

Aur is command se us folder par ja sakte hai.

$cd /etc/nginx/ssl

Agar aapke certificate me intermediate certificate shamil hai to aapko ek single chained certificate file banani hogi, jisme aapka certificate aur CA ka intermediate certificate ho.

Aapko chained file banane ke liye nimn command ka upyog kar sakte hai.

$cat example.com.crt intermediate.crt > example.com.chained.crt

Ab aapko is folder ki access permission change karni hogi. Iske liye ye command use kare.

$cd /etc/nginx
$sudo chmod -R 600 ssl/

5. Configure Nginx for SSL

Configuration complete karne ke liye aapko Nginx configuration file me ssl certificates lines ko add karna hoga taki server ssl files ko run kar sake.

Nginx configure file ko open karne ke liye ye command use kare.

$sudo nano /etc/nginx/sites-available/default

Ab server block niche diye gaye tarike se configuration karni hai.

server {
	listen 443 ssl default_server;
	listen [::]:443 ssl default_server;

        server_name www.example.com;
 
        ssl on;
        ssl_certificate /etc/nginx/ssl/example.com.chained.crt;
        ssl_certificate_key /etc/nginx/ssl/example.com.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
        ssl_prefer_server_ciphers on;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        other configuration lines
 }

Ab is command se check kar le ki aapne sabkuch sahi se set up kiya hai.

$sudo nginx -t

Uske bad Nginx server ko restart karna hoga jiske liye ye command  use kare.

$sudo systemctl reload nginx

Ab browser me apni site ke URL type open karke dekhe ki site HTTPS ke sath work kar rahi hai ya nahi.

Is tarah se aap digitalocean server par godaddy ssl certificate install kar sakte ho.

HTTP to HTTPS 301 Redirect on Nginx

SSL install karne ke bad aapko http to https 301 redirection set karna hoga. Iske liye aapko ye code nginx configuration file me add karna hai. Code pahle se add server block se pahle add karna hai.

server {
        listen 80;
        listen [::]:80;

        server_name example.com www.example.com;
        return 301 https://www.example.com$request_uri;
}

HTTP to HTTPS redirection code ke sath ssl cetificate code ko is tarah se configure karna hai.

server {
        listen 80;
        listen [::]:80;

        server_name example.com www.example.com;
        return 301 https://www.example.com$request_uri;
}
server {
	listen 443 ssl default_server;
	listen [::]:443 ssl default_server;

        server_name www.example.com;
 
        ssl on;
        ssl_certificate /etc/nginx/ssl/example.com.chained.crt;
        ssl_certificate_key /etc/nginx/ssl/example.com.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
        ssl_prefer_server_ciphers on;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        other configuration lines
}

Ab error check kar nginx restart kar le.

$sudo nginx -t

Ok report mile to is command line se nginx ko restart kar le.

$sudo systemctl reload nginx

Agar koi sawal ho ya koi problem ho to aap comment section me puch sakte hai.

• Ubuntu 18.04 Server Par WordPress Install Kaise Kare (with LEMP)

Agar aapko ye jankari achhi lage to is post ko dusre blogger ke sath jarur share kare.