Detailed process of purchasing godaddyssl certificate and configuring https on nginx service

My private blog, not this one, blocked all search engines before, but Baidu still came to visit secretly, I didn’t expect that Baidu is really a non-compliance robots.txt
The search engine, really let me down. Ever since, I bought Godaddy’s ssl certificate yesterday, and today I successfully installed it, https encrypted access +
robots.txt, Baidu, please don’t tease my private domain… You see how good Google is, I haven’t been here since the first day I blocked the search engine.
Let’s talk about how to buy Godaddy’s SSL certificate and the installation method under the Nginx platform:

1. Purchase a Godaddy SSL certificate
I bought the cheapest one, use promo code cjcssl12t2 for $12.99 a year later, purchase address: http://www.godaddy.com/

2. Generate the CSR file of the server
Enter the server with root privileges, enter:
openssl genrsa -des3 -out .key
2048
openssl req -new -key .key -out
.csr
(Must be 2048 as specified by Godaddy)
Fill in the correct information as required
(Godaddy
The help page has related help: http://help.godaddy.com/topic/746/article/5269)

3. Verify the CSR file Enter the purchased SSL certificate page, no CSR is bound at this time, Godaddy will ask you to enter the CSR
The content in the file can be copied directly, similar to this code:
—–BEGIN CERTIFICATE REQUEST—–
MIIBzDCCATUCAQAwgYsxHDAaBgNVBAMTE3d3dy50aGlzaXNhdGVzdC5jb20xCzAJ
BgNVBAYTAlpBMRkwFwYDVQQIExBXZXN0ZXJuIFByb3ZpbmNlMRIwEAYDVQQHEwlD
YXBlIFRvd24xEjAQBgNVBAoTCVRlc3QgQ29ycDEbMBkGA1UECxMSVGVzdGluZyBE
ZXBhcnRtZW50MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVzfmv7vJ9bOyQ
dxMLlgtDIEFz7MWsOUoZOPTq3qsTTXPW61q01jY8eQfs96I5xPjxALPeT4m74cce
UtYxldG7pLJiB3SGU94yvyvHDiyV+6mV/e++KWT2ql0Jv1emmobmAGdUxdx2pW9C
Epr0DmcVny6VGWAI36bG0NdYrNix4QIDAQABoAAwDQYJKoZIhvcNAQEEBQADgYEA
BfSHgDr9Vc460YG+lAiWuVWEife8B4QOojiV8oUxJJDqbA2CEEmXLWfa7/mfUtd5
EQd6voLDT8axpXPbOrmwa3kzEZvQZhg+QvKEyIfncqdWbDUk71tO0fVafBKwRQfE
73J/THmVABZuz9T6X3+KWGxGDiYw0sY3bE7OjBCwr14=
—–END CERTIFICATE REQUEST—–
Then directly order, enter the relevant information, and then wait for the Godaddy review time.

Fourth, Godaddy review
Godaddy review seems to take several hours, I waited all afternoon, and finally told me that the email on the Whois does not match the actual email,…
The whois of the .im domain name does not display email…
Then, Godaddy will tell you a code, a combination of several letters and numbers, such as XXX123, you only need to add a Cname, such as
xxx123.yourdomain.com. can be resolved to yourdomain.com, and then manually reviewed (Godaddy
I have told you the method in the email, but unfortunately I didn’t take a screenshot at the time, and I was confused, and I told you the method in detail in the email)

5. Nginx platform installation
I don’t know how to do this at all, relying on the almighty Paveo master to help me install it, oh haha. I searched for a tutorial on the Internet, and the following steps are required:

1. Configure Nginx SSL module:
./configure –user=username –group=groupname
–prefix=/usr/local/nginx –with-http_stub_status_module
–with-http_ssl_module
make && make install
2、Modify Nginx configuration
server
{
listen 443;
server_name yourdomain.com;
ssl on;
ssl_certificate /tmp/server.pem;
ssl_certificate_key /tmp/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
3. Restart the service
Finally you’re done: !