• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Configuring Ngnix Server For Serving HTTPS URLs

By Abhishek Ghosh August 23, 2014 6:42 pm Updated on August 23, 2014

Configuring Ngnix Server For Serving HTTPS URLs

Advertisement

Configuring Ngnix server for serving HTTPS URLs are more simple and easy compared to Apache2 Web Server Software. Here is a detailed guide. Previously, we have discussed how to optimize Nginx on Cloud Server after initial installation of Nginx on Rackspace Cloud Server. So your server is easy for serving via port 80. Port 443 by default is off. We need to add another server block, the path to the TLS / SSL Certificates. Quite easy few steps. Definitely a loadbalancer can be used on Rackspace Cloud instead of installing the Certificates directly, but technically for better security, we should either use a dedicated instance to act as loadbalancer (again it is reverse proxy and Nginx will be used) or add the certificate to main server.

 

Configuring Ngnix Server For Serving HTTPS URLs : First the Basics

 

As we configure one or multiple servers for one domain, the methods are quite easy. So, we will only work on the file /etc/nginx/sites-available/default. After configuring, a simple restart will work fine. We need not to activate any module, unlike Apache2.

We are taking it granted that, the reader knows how to generate CSR file for SSL Certificate request and has obtained the certificate from the authority like GeoTrust, Norton, VeriSign etc. For GeoTrust like good providers, you will get 2 certificates – one is the primary certificate for the requested domain and second is the intermediate key. Plus you have the private key in your hand. You need to concatenate the primary certificate and intermediate certificate to one piece by first saving the raw text files with proper names, like in our case; the primary certificate will be saved in this way :

Advertisement

---

Vim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# on localhost
mkdir thecustomizewindows_geotrust && cd thecustomizewindows_geotrust
# copy the primary key sent as plain text and paste
nano thecustomizewindows.crt
# now paste and save by ^ + O and exit by ^ + X
# now copy the intermediate certificate as plain text
nano GeoTrustCA.crt
# now paste and save by ^ + O and exit by ^ + X
ls
# there will be two files now
thecustomizewindows.crt GeoTrustCA.crt
# also copy the key file thecustomizewindows.key in this directory
ls
# there will be 3 certs
thecustomizewindows.crt GeoTrustCA.crt thecustomizewindows.key
# now concatenate
cat thecustomizewindows.crt GeoTrustCA.crt >> bundle.crt
# check the tutorial of your SSL certificate provider
# usually the method will be the same, if we do ls now
ls
thecustomizewindows.crt GeoTrustCA.crt thecustomizewindows.key bundle.crt

We need only the bundle.crt and thecustomizewindows.key files on server. SSH to your server. We have assumed that you use a GNU Linux, BSD or OS X or any UNIX os.

Configuring Ngnix Server For Serving HTTPS URLs

 

Configuring Ngnix Server For Serving HTTPS URLs : On Server

 

Typically we provide the examples with deb based Linux like Ubuntu or Debian. This is Ubuntu 14.04 LTS instance. First create a directory :

Vim
1
2
3
4
5
6
7
8
9
10
11
# double check that the directory does not exist
cd /etc/nginx/ssl
# this will normally throw error like bash :: no such directory ... blah blah blah
# create the directory
mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl
# login to FTP server using FileZilla or some software and upload the
# files from your local computer to server, do a ls
ls
thecustomizewindows.crt GeoTrustCA.crt thecustomizewindows.key bundle.crt
# we kept copy in local computer

Now open the file /etc/nginx/sites-available/default and scroll to the bottom, where there are commented out lines for SSL block :

Vim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
nano /etc/nginx/sites-available/default
# scroll down and make it looking like this
# HTTPS server
server {
        listen 443 ssl;
        server_name thecustomizewindows.com;
 
        root /usr/share/nginx/html;
        index index.php index.html index.htm;
 
        ssl on;
        ssl_certificate /etc/nginx/ssl/bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/thecustomizewindows.key;
        ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;
}
# thecustomizewindows.key is for me, not you
# comment out these on the same file, you can uncomment and test later
 
# Make site accessible from http://localhost/
# server_name localhost;

Do a configtest :

Vim
1
/etc/init.d/nginx configtest

If everything returns fine, then restart :

Vim
1
2
3
service nginx reload
# restart
service nginx restart

Browse to your domain’s https url, it should give right info like this page’s HTTPS indicator on address bar. As an optimization ethos, we should adjust our previously described tweak :

Vim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
worker_processes auto;
 
http {
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;
 
# HTTPS server
server {
        listen 443 ssl;
        server_name thecustomizewindows.com;
 
        root /usr/share/nginx/html;
        index index.php index.html index.htm;
 
        ssl on;
        ssl_certificate /etc/nginx/ssl/bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/thecustomizewindows.key;
        ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;
}

You should debug with your provider :

Vim
1
2
3
4
openssl s_client -connect www.geotrust.com:443
# example test url
# http://www.digicert.com/help/
#

This is where the story ends.

Tagged With how to configure ngnix as http server , https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1831 k8Uwfzkq8bLH4AKWheCdr_hHvroYNdjVRjWICDtAmTmnQX9iP1mYNvxlw9dHv16r 5e09350a3ddb151d59247020a75c93e2ed803b41&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme

This Article Has Been Shared 552 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Configuring Ngnix Server For Serving HTTPS URLs

  • Creating Facebook App with Cloud Files : Demo Music Player

    Creating Facebook App with Cloud Files is quite easy and most importantly, it is actually becoming self hosted, with SSL as an option and at a very low pricing.

  • Cloud Computing : Beware of Hidden Costs

    Cloud Computing Service Providers can hide the real cost by showing only the cost of computing power usage in advertisements hiding the cost of bandwidth.

  • Cloud Computing Myths and Abuse of The Terminology

    Cloud Computing myths are grown over the innocent people by some companies for making money out of their less understanding. Here are the points discussed. We are not against the concept of Cloud Computing for various reasons, but are strongly against the potential abuse and creating myths – known as Cloud Computing Myths for specific […]

  • Cloud Computing and Security of Corporate Data

    Cloud Computing and Security of Corporate Data is for ensuring protection against data loss, a cloud user should be specified in the contract some points.

  • Cloud Fax Solution Providers

    Cloud Fax Solution Providers lists the different types of cloud fax solution providers along with some description, pros and cons of the particular services.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • Zebronics Pixaplay 16 : Entry Level Movie Projector Review February 2, 2023
  • What is Voice User Interface (VUI) January 31, 2023
  • Proxy Server: Design Pattern in Programming January 30, 2023
  • Cyberpunk Aesthetics: What’s in it Special January 27, 2023
  • How to Do Electrical Layout Plan for Adding Smart Switches January 26, 2023

About This Article

Cite this article as: Abhishek Ghosh, "Configuring Ngnix Server For Serving HTTPS URLs," in The Customize Windows, August 23, 2014, February 3, 2023, https://thecustomizewindows.com/2014/08/configuring-ngnix-server-serving-https-urls/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT