In this post we will review the steps required to configure SSL for NGINX.
Unlike many other articles, this post includes BOTH the NGINX configuration, and the keys creation steps.
This is intended for development environment, hence we will use a self signed certificate.
Create the Keys
We will create a server key and certificate.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout nginx.key -out nginx.crt
The NGINX Configuratoin
The following runs both HTTP and HTTPS servers.
If required, the related HTTP listener can be removed.
user nginx;
worker_processes 10;
error_log /dev/stdout debug;
pid /var/run/nginx.pid;
load_module modules/ngx_http_js_module.so;
load_module modules/ngx_stream_js_module.so;
events {
worker_connections 10240;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/resolvers.conf;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log on;
sendfile on;
port_in_redirect off;
proxy_max_temp_file_size 0;
keepalive_requests 1000000;
keepalive_timeout 300s;
server {
listen 8080;
listen 8443 ssl;
server_name localhost;
ssl_certificate /etc/ssl/nginx.crt;
ssl_certificate_key /etc/ssl/nginx.key;
location / {
# your configuration here
}
}
}
No comments:
Post a Comment