StartCom StartSSL certificate + nginx

Quick guide to use free and widelly accepted (week ago Microsoft added StartSSL certificates to known authorities !) SSL certificate on nginx webserver.

  1. create certificate on
  2. download certificate (ssl.pem) and generated key (remove password from key using: openssl rsa -in ssl.key-pass -out ssl.key)
  3. download helper certificates (from (according to your class level, usually ca.pem
  4. do cat ssl.pem ca.pem > server.pem
  5. setup configuration directives ssl_certificate and ssl_certificate_key (see for more info)
  6. that’s all, restart nginx and take a look at error.log for possible problems
  7. try it

Seems easy, but it took me some time and few google queries find out, how should be step 4 done, to make firefox be satisfied with this certificate, and not complaining with sec_error_unknown_issuer. Hope it saves you a minute.