In this article, I dive into the intricacies of creating a self-signed SSL certificate for local development & testing, working with CA-bundles (intermediate certificates) when purchasing your production SSL certificate, and how to configure Nginx so that its SSL options are configured for improved security (and performance).
I also provide an Nginx configuration that I am currently using in production for a client's eCommerce application.
Creating a self-signed Certificate
The following is a summary of the steps detailed in the Heroku Devcenter. I will first go over this step-by-step and then show you how it could be done as a one-liner.
Generate private key
A private key and certificate signing request are required to create an SSL certificate.
Start by creating the private server key. During this process, you are normally asked to enter a specific passphrase, which we have skipped ...(continued)