nginx.oldfords.cz

  • Увеличить размер шрифта
  • Размер шрифта по умолчанию
  • Уменьшить размер шрифта
Home NGINX Ubuntu NGINX SSL Vhost Reverse Proxy

Ubuntu NGINX SSL Vhost Reverse Proxy

20.04.2011 16:30 king2
E-mail Печать PDF
There are no translations available.

 

Enabling SSL support for your site is very simple and involves the addition of just a few lines to the virtual host file.

 

 

Go ahead and open up your virtual host file:

sudo nano /etc/nginx/sites-available/domain1.com

My example vhost looks like this:

server {

            listen   80;
            server_name  www.domain1.com;
            rewrite ^/(.*) http://domain1.com/$1 permanent;

           }


server {

            listen   80;
            server_name domain1.com;

            access_log /home/demo/public_html/domain1.com/logs/access.log;
            error_log /home/demo/public_html/domain1.com/logs/error.log;

            location / {

                        root   /home/demo/public_html/domain1.com/public/;
                        index  index.html;

                        }

            }

Very simple and straight forward.

port 443

To enable the use of port 443 with our SSL certificate all we need to do is let Nginx know we want to listen on port 443 and to define the location of the certificate.

To do this, simply copy and paste the existing content so, to begin with, you have two sets of server modules that are exactly the same.

Now change the ports on the second set from 80 to 443:

server {

            listen   80;
            server_name  www.domain1.com;
            rewrite ^/(.*) http://domain1.com/$1 permanent;

           }


server {

            listen   80;
            server_name domain1.com;

            access_log /home/demo/public_html/domain1.com/logs/access.log;
            error_log /home/demo/public_html/domain1.com/logs/error.log;

            location / {

                        root   /home/demo/public_html/domain1.com/public/;
                        index  index.html;

                        }

            }



server {

            listen   443;
            server_name  www.domain1.com;
            rewrite ^/(.*) http://domain1.com/$1 permanent;

           }


server {

            listen   443;
            server_name domain1.com;

            access_log /home/demo/public_html/domain1.com/logs/access.log;
            error_log /home/demo/public_html/domain1.com/logs/error.log;

            location / {

                        root   /home/demo/public_html/domain1.com/public/;
                        index  index.html;

                        }

            }

Good.

Certificate location

Now all we need to do is let Nginx know we want to use SSL and where the certificate is located.

As such, we need to add the following to each port 443 server module:

ssl    on;
ssl_certificate    /etc/ssl/certs/myssl.crt;
ssl_certificate_key     /etc/ssl/private/myssl.key;

So now the beginning of each port 443 server module looks like this:

server {

            listen   443;

            ssl    on;
            ssl_certificate    /etc/ssl/certs/myssl.crt;
            ssl_certificate_key    /etc/ssl/private/myssl.key;

            server_name domain1.com;

To enable the changes we need to restart Nginx:

sudo /etc/init.d/nginx restart

 

Обновлено 20.04.2011 16:37  

Main Menu

Sections