Original
How to Buy a Domain and Set Up SSL
NNH 2025-04-05 03:23 read 100

Purchase a Domain

The process of purchasing a domain is quite simple. You just need to visit a website such as BKNS or Hostinger and register a domain.

Example domain: nhdesign.app

Getting HTTPS with an SSL Certificate

Once you have a domain, if you want HTTPS, you can purchase an SSL certificate. There are many types of SSL certificates, and one of my favorites is the RapidSSL Wildcard Certificate.

SSL Certificate

A Domain Validation (DV) SSL certificate is commonly used for individuals or small businesses. Large enterprises usually use an Extended Validation (EV) certificate, which includes a company logo in the browser.

Issuance Time: 5 Minutes

The process is quick—after payment, you get the certificate immediately without any waiting time.

SAN=1, Wildcard: Yes means the certificate can protect:

*.nhdesign.app

This includes all subdomains, such as:

  • www.example.com
  • mail.nhdesign.com
  • blog.nhdesign.com
  • anything.nhdesign.com

However, it does not protect nhdesign.app itself.

Checking the SSL Certificate

After purchasing, log in to your panel, and you will see that the SSL certificate is active.

SSL Panel

You will receive a .zip file containing SSL certificate files:

SSL Files

Important Notes

When purchasing an SSL certificate, you often buy from a reseller rather than directly from the Certificate Authority (CA). The reseller uses their own details to register the certificate and provides it to you.

The reseller also generates a private key for authentication with the CA. If you do not receive a .key file (e.g., nhdesign.app.key), you must request it. This file is crucial for enabling HTTPS on your website.

SSL certificates usually expire in one year, requiring renewal. If you don't need a wildcard certificate, you can opt for a cheaper alternative, which can be 10 times cheaper.

Cheaper SSL

Setting Up DNS for Your Website

Once you have a domain and SSL, you can start your website.

For example, if you want to set up blog.nhdesign.app, log in to your panel and add an A Record as shown:

A Record

An A Record (Address Record) maps a domain name to a specific IP address.

Here, I have created multiple subdomains:

Subdomains

Installing Nginx on Your Server

Check if Nginx is installed:

systemctl status nginx

If not installed, run:

sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl status nginx

You should see an output indicating that Nginx is running.

Setting Up Nginx Configuration

Create an Nginx configuration file for your blog:

sudo nano /etc/nginx/sites-available/blog.conf

Add the following content:

# Redirect all HTTP traffic to HTTPS
server {
    listen 80;
    server_name blog.nhdesign.app;
    return 301 https://$host$request_uri;
}

# HTTPS server block
server {
    listen 443 ssl;
    server_name blog.nhdesign.app;

    # Path to SSL certificate and private key
    ssl_certificate /etc/nginx/ssl/nhdesign_app.crt;
    ssl_certificate_key /etc/nginx/ssl/nhdesign.app.key;

    # Recommended SSL settings
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';

    # CORS headers
    location / {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With';

        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
            add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With';
            return 204;
        }

        # WebSocket support
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Upload SSL Files

Upload your SSL files to /etc/nginx/ssl/:

FileDescription
.crt (Certificate)The SSL certificate issued by the CA
.key (Private Key)The private key used for authentication

SSL Upload

Reload Nginx Configuration

sudo ln -s /etc/nginx/sites-available/blog.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

Now, when you visit your website in a browser, it should be secured with HTTPS!

purchasing a domain; obtaining an SSL certificate; configuring Nginx; enable HTTPS; domain provider; SSL certificate;; secure website; https website

Like

Related recommendation

Author

NNH

Joined for 198 days
Series

Table of contents