Adding SSL to a site in nginx
1) First create a folder where SSL certs are to be placed
#mkdir /etc/ssl/certs
#cd /etc/ssl/certs
Create key
# openssl genrsa -out abc.com.key 2048
# chmod 600 abc.com.key
Generate CSR
# openssl req -new -key abc.com.key -out abc.com.csr
If all that you need is a self signed certificated, do as follows.
# openssl x509 -req -days 365 -in abc.com.csr -signkey abc.com.key -out abc.com.crt
Otherwise get the cert signed and place it in /etc/ssl/certs/abc.com.crt
Now, open up your nginx config file for this domain.
# vi /etc/nginx/sites-available/abc.com
If you are planning to use both http and https, you need two separate server modules in your config. Hence, copy the config for 80 and put it to the bottom of the page and make modifications. What you need to add to the https server module is given below. Paste it before server_name line.
server {
listen 1.2.1.3:443 ssl;
ssl on;
ssl_certificate /etc/ssl/certs/abc.com.crt;
ssl_certificate_key /etc/ssl/certs/abc.com.key;
server_name abc.com www.abc.com
….
…
}
Now restart nginx.
#/etc/rc.d/init.d/nginx restart
Now try accessing site with https.
Leave a Reply