If you want to use https with nginx on your dedicated server, you have the option to buy a certificate. The other way, even though less secure for your clients: create a self signed certificate.
I want to show, how you can create a self signed certificate and how to use it with nginx on an ubuntu linux.
Open a root shell and head to the nginx configuration folder.
$ sudo -s
# cd /etc/nginx
Generate the self signed certificate and answer the questions.
# openssl req -new -x509 -nodes -out server.crt -keyout server.key
Now make the files only visible to the owner (root).
# chmod 600 server.key
Add the ssl section as new site:
# vim sites-enabled/ssl.example.org
with this code:
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
server_name ssl.example.org;
location / {
root /var/www/ssl.example.org;
index index.php;
}
# ... and so on
}
Reboot nginx:
# /etc/init.d/nginx restart
Head to your site: https://ssl.example.org. You'll recieve a message in your favorite browser saying that the certificate is insecure, because the author signed it on his own. You have to make an exception.
This does not look very professional. So you should use this procedure
only for projects, where you can live with this 'error message'.
