Nginx SSL Certificate Installation for Django App
If you’re using Nginx and need to install an SSL Certificate for your Django application, knowing how to generate a CSR and how to force SSL on your Django app should be the first things that you need to familiarize yourself with. Knowing what you need before starting the SSL installation will also make things smoother and faster. So, know all about it first before setting sails on SSL Certificate installation and activation.
Installing SSL Certificate on Nginx for Django App
The approach to Nginx SSL Certificate installation for Django app is to create your CSR, install the certificate then force all requests to run on HTTPS. Get your CSR ready and start the SSL Certificate purchase on GoDaddy or Symantec. There are two of the most well-known certificate authorities on the market so you might want to check them out to make sure that you are purchasing from a trusted authority.
Godaddy is a great option for reliable, cheap SSL certs. Get the best price.
- Create your CSR Code and purchase your certificate.
To generate your own CSR Code, go to Nginx acc and run this code on your server terminal:
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr
Make sure that you edit that code and replace ‘domainname’ with your own domain name. You also need to provide some info about your website/domain such as your country, your email address and your domain name.
You will be prompted to answer certain questions and to submit the CSR for verification. Verification regarding your ownership to the domain will also begin, which usually lasts around 1-7 business days. Your certificates will be delivered to your email address. The two files will usually be named as the ff:
- crt
- ca-bundle
- Install your SSL Certificate.
To install the certificarte on your server, link the two files above and upload them to your directory using the scp command:
Linking files: cat simple_academy.crt simple_academy.ca-bundle >> simple_academy_cert_chain.crt
SCP command: scp domain_name_cert_chain.crt ubuntu@52.26.32.151:/home/ubuntu
Ready the files ‘domain_name_cert_chain.crt’ and ‘domainname.key’ and copy those file to the /etc/ssl/ directory:
sudo cp simpleacademy_cert_chain.crt /etc/ssl/
sudo cp simpleacademy.key /etc/ssl/
- Edit your host file.
Make sure that you edit your virtual host file to force the SSL protocol and use the right port. You should also edit the file to ensure that the redirects are forced and are automated so that the application will only run through the HTTPS protocol instead of the HTTP one.
Make sure that the port you are using is port 80 and edit your file if necessary. You should also call on your cert files and cert key on the file. You should also indicate the server to listen to port 443 to ensure that the proper listening socket is chosen for your Django app requests.
After creating the necessary commands, you should restart Nginx for the changes to be implemented:
sudo service nginx restart
After restarting, your Django app should be using the HTTPS protocol only. Check your app to see that everything is working properly.
Make sure that you keep your cert files and a backup of your app in a safe place to enable you to access them again when you need to restart the process. This will be useful when errors occur.
