Aug 192010
HTTP is a plain text protocol and it is open to passive monitoring. You should use SSL to to encrypt your content for users.
Create an SSL Certificate
Type the following commands:
$ cd /usr/local/nginx/conf $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out server.csr $ cp server.key server.key.org $ openssl rsa -in server.key.org -out server.key $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Edit nginx.conf and update it as follows:
server {
server_name example.com;
listen 443;
ssl on;
ssl_certificate /usr/local/nginx/conf/server.crt;
ssl_certificate_key /usr/local/nginx/conf/server.key;
access_log /usr/local/nginx/logs/ssl.access.log;
error_log /usr/local/nginx/logs/ssl.error.log;
}
Restart the nginx:
# services nginx restart
You may also want to read these posts:
- Nginx enabling TLS SNI support on centos 5
- Nginx, redirecting all request to https
- Nginx IPV6
- Nginx – Customizing 404 page
- Nginx, Strip All Newlines Using nginx-nonewlines Module
- Change Nginx Version Header
- Nginx worker_cpu_affinity
- Nginx, limit website visitor bandwidth by country
- Nginx Reverse Proxying Multiple Domains Using map Module
- Nginx And Unix User Directories
Follow me on Twitter