How to install self signed SSL in Nginx
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption.
This tutorial explains the detailed steps to install self signed SSL centificate in Nginx server.
Step1: Create the folder to save key and certificate
#mkdir /etc/nginx/certs
Step2: Change the location to this new folder
#cd /etc/nginx/certs
Step3: Create the key and certificate
#openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/domain.key -out /etc/nginx/domain.crt
Note to replace domain with the required domain name.
Step4: Open the Nginx configuration file.
#vi /etc/nginx/sites-enabled/default
Step5: Update the configuration file with the certficate name and key name
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name domain.com;
ssl_certificate /etc/nginx/domain.crt;
ssl_certificate_key /etc/nginx/domain.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/domain.access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Note to replace domain with the required domain name.
Step6: Restart Nginx service
#service nginx restart
That's all....