
SSL Certificate Installation

Jason Kiesling edited this page Oct 2, 2018 · 5 revisions

Adding a new user
-Connect to the UML VPN or be connected to the on-campus network.
--Note: The student wireless is not on-campus. Only the VPN and certain wired connections can connect to the server via SSH.
-Copy the file 'cs.uml.edu.key' from '/etc/ssl/' to your home directory by running the command cp /etc/ssl/cs.uml.edu.key /home/[USERNAME]/.
--This command may require sudo.
-Run the command openssl req -out cs.uml.edu.csr -key cs.uml.edu.key -new.
--You might need to run sudo chown [USERNAME] cs.uml.edu.key to change the owner of the key to your user.
--You will be prompted line by line as shown below. Enter the same information that you see below.

You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank.
For some fields there will be a default value,
If you enter '.', the field will be left blank.

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Massachusetts
Locality Name (eg, city) []:Lowell
Organization Name (eg, company) [Internet Widgits Pty Ltd]:University of Massachusetts Lowell
Organizational Unit Name (eg, section) []:Department of Computer Science
Common Name (e.g. server FQDN or YOUR name) []:learnmyr.org
Email Address []:[email protected]

Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []:
An optional company name []:

-Exit your SSH session.
-Use SCP to transfer the file to your local computer by running scp [USERNAME]@10.91.77.39:/home/[USERNAME]/bundle.crt [/path/to/store/file].
-Send this file to the UML helpdesk either via helpdesk.uml.edu or by emailing [email protected].
-IT will forward an email with several links.

as X509 Certificate only, Base64 encoded: [LINK]
as X509 Intermediates/root only, Base64 encoded: [LINK]
as X509 Intermediates/root only Reverse, Base64 encoded: [LINK]

-Download the files from the first two links ('X509 Certificate only, Base64 encoded' and 'X509 Intermediates/root only, Base64 encoded').
-Using your method of choice (text editor or cat), combine the two files.
--It should be the 'X509 Certificate only, Base64 encoded' certificate followed by the 'X509 Intermediates/root only, Base64 encoded' certificate in one file called 'bundle.crt'. Each certificate must begin on a new line. cat may not automatically add this line break.
-Use SCP to transfer the file from your local machine to the VM by running scp [/path/to/bundle.crt] [USERNAME]@10.91.77.39:/home/[USERNAME].
-SSH into the server.
-Move the file 'bundle.crt' to '/etc/ssl' using sudo mv bundle.crt /etc/ssl.
-Check NGINX by running sudo nginx -t -c /etc/nginx/nginx.conf.
-Run the command systemctl restart nginx.
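
The combine step above fails silently when the first download has no trailing newline, because cat then fuses the END and BEGIN markers onto one line. The script below is an added example, not part of the original wiki page: it builds 'bundle.crt' with each certificate starting on its own line, rejects a malformed bundle, and can confirm the certificate matches cs.uml.edu.key before the file is moved to /etc/ssl. The function names and the script name make_bundle.sh are hypothetical; the two input files are whatever you saved the downloads as.

```shell
#!/bin/sh
# Added example (not from the wiki page). Function names are hypothetical.

# check_bundle FILE: succeed only if FILE holds at least two certificates and
# every BEGIN/END marker sits alone on its own line.
check_bundle() {
    begins=$(grep -c -x -F -e '-----BEGIN CERTIFICATE-----' "$1") || true
    ends=$(grep -c -x -F -e '-----END CERTIFICATE-----' "$1") || true
    marked=$(grep -c -F -e 'CERTIFICATE-----' "$1") || true
    [ "${begins:-0}" -ge 2 ] && [ "$begins" -eq "${ends:-0}" ] &&
        [ "${marked:-0}" -eq $((begins + ends)) ]
}

# make_bundle CERT INTERMEDIATES OUT: write CERT, then INTERMEDIATES, to OUT.
# tr drops Windows carriage returns; awk trims trailing blanks, skips empty
# lines and always ends the last line with a newline, which plain cat does not.
make_bundle() {
    tmp=$(mktemp) || return 1
    for f in "$1" "$2"; do
        tr -d '\r' < "$f" | awk '{ sub(/[ \t]+$/, "") } NF' >> "$tmp"
    done
    if check_bundle "$tmp"; then
        cat "$tmp" > "$3" && rm -f "$tmp"
    else
        rm -f "$tmp"
        return 1
    fi
}

# cert_matches_key BUNDLE KEY: compare the public key of the first certificate
# in BUNDLE with the public key derived from KEY (needs openssl and read
# access to the key, so run it on the server).
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Command-line use: sh make_bundle.sh CERT INTERMEDIATES bundle.crt
if [ "$#" -eq 3 ]; then
    make_bundle "$1" "$2" "$3" || { echo "bundle check failed" >&2; exit 1; }
fi
```

On the server, cert_matches_key bundle.crt /etc/ssl/cs.uml.edu.key returning non-zero means the issued certificate was not generated from that key's CSR.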