Written by
akendo
on January 26, 2012
2 minutes reading
with tags:
apt-get debian gernal howto linux nginx webserver
Nginx with SSL
For a demo Application that has to be show in the Internet, we need a Scala Lift online. This contains sensitive data, so i need SSL. But the Jetty Server were all the Scala Lift Application is no able to handle Name or SSL so easliy (Or it can, but i have no idea how to do it). So i want that my Website allowing access via http, but then redicting to the HTTPS Page. Just made sure, i add a password so no one unknown can see it.
First create a new SSL Certificate :
cd /usr/nginx/
mkdir SSL
cd SSL
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
add in your configuration /etc/nginx/site-avaiable/YOUR_DOMAINNAME_HERE
server {
listen 0.0.0.0:80;
server_name YOUR_DOMAINNAME_HERE,;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/YOUR_DOMAINNAME_HERE.log;
rewrite ^(.*) https://YOUR_DOMAINNAME_HERE permanent;
}
server {
listen 0.0.0.0:443;
ssl on;
ssl_certificate /etc/nginx/SSL/server.crt;
ssl_certificate_key /etc/nginx/SSL/server.key;
server_name YOUR_DOMAINNAME_HERE,;
access_log /var/log/nginx/ssl-YOUR_DOMAINNAME_HERE.log;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/auth/dev-htpasswd;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy fale;
proxy_set_header Host $host;
proxy_pass http://localhost:8080;
}
}
Now enable the configuration and restart the nginx.
Source: Nginx Wiki josephscott.org