Setting up SSL cert in nginx is pretty easy. Assuming one has the certificate file, private key below is how to do it.
login to the terminal
navigate to the nginx folder
cd /etc/nginx
copy the cert files to ssl folder at /etc/nginx/ssl
now navigate inside sites-enabled
cd /etc/nginx/sites-enabled
now open the default file in vi
have the below
server_name mysever.com;
keepalive_timeout 70;
ssl_certificate /etc/nginx/ssl/myserver.crt;
ssl_certificate_key /etc/nginx/ssl/myserver.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
force https-redirects
if ($scheme = http) {
return 301 https://$server_name;
}
location / {
proxy_pass http://localhost:1337;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
now kill and start the server
ps aux | grep nginx
sudo killall nginx
sudo nginx
thats all!
references:
https://www.nginx.com/blog/setting-up-nginx/
login to the terminal
navigate to the nginx folder
cd /etc/nginx
copy the cert files to ssl folder at /etc/nginx/ssl
now navigate inside sites-enabled
cd /etc/nginx/sites-enabled
now open the default file in vi
have the below
server_name mysever.com;
keepalive_timeout 70;
ssl_certificate /etc/nginx/ssl/myserver.crt;
ssl_certificate_key /etc/nginx/ssl/myserver.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
force https-redirects
if ($scheme = http) {
return 301 https://$server_name;
}
location / {
proxy_pass http://localhost:1337;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
now kill and start the server
ps aux | grep nginx
sudo killall nginx
sudo nginx
thats all!
references:
https://www.nginx.com/blog/setting-up-nginx/
No comments:
Post a Comment