Thursday, March 6, 2014

Configure Nginx for SSL

You need to have private key and CA signed certificate (to test you may generate your own Self signed certificate) to configure your nginx to serve request over SSL. Add following lines into your nginx.conf file and make required changes to point ssl_certificate to location of your certificate in this configuration it is "server.crt" (if you copy your .crt and .key file into "<nginx home>/conf" folder . In that case you can specify only file name other wise you need to specify absolute path of a file). Change ssl_certificate_key to point your key file.

Restart nginx server and hit https url https://yourdomain.com. ( If you have installed self signed certificate you will see Untrusted Exception. You can safely continue with it.) 


    # HTTPS server
    #
    server {
        listen       443;
        server_name  yourdomain.com;

        ssl                  on;
        ssl_certificate      server.crt;
        ssl_certificate_key  server.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;

        location / {
            root   html;
            index  index.html index.htm;
        }
    }


No comments:

Post a Comment