HTTPS + NGINX with self signed SSL certificate
If you want to use https with nginx on your dedicated server, you have the option to buy a certificate. The other way, even though less secure for your clients: create a self signed certificate.
I want to show, how you can create a self signed certificate and how to use it with nginx on an ubuntu linux.
Open a root shell and head to the nginx configuration folder.
2
# cd /etc/nginx
Generate the self signed certificate and answer the questions.
Now make the files only visible to the owner (root).
Add the ssl section as new site:
with this code:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
listen 443;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
server_name ssl.example.org;
location / {
root /var/www/ssl.example.org;
index index.php;
}
# ... and so on
}
Reboot nginx:
Head to your site: https://ssl.example.org. You'll recieve a message in your favorite browser saying that the certificate is insecure, because the author signed it on his own. You have to make an exception.
This does not look very professional. So you should use this procedure only for projects, where you can live with this 'error message'.
Messages
:)
openssl by default creates certificates that are only valid for one month. You can use the -days parameter to change that.
You can configure a single server that handles both HTTP and HTTPS requests within the same file:
<pre>
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
ssl_certificate www.example.com.crt;
ssl_certificate_key www.example.com.key;
...
}
</pre>
Thanks. This is a nice simple example to see how this works. I'd always wondered...
Hello from Belarussia. It works. Thank you for this article.
:P
m.m,.
