add localhost ssl certificate to nginx

1. key

openssl genrsa -des3 -out localssl.key 1024

2. csr

openssl req -new -key localssl.key -out localssl.csr

3. remove passphrase

cp localssl.key localssl.key.org
openssl rsa -in localssl.key.org -out localssl.key

4. crt

openssl x509 -req -days 365 -in localssl.csr -signkey localssl.key -out localssl.crt

5. add to ssl certificate

sudo cp localssl.crt /etc/ssl/certs/
sudo cp localssl.key /etc/ssl/private/

6. modify /etc/nginx/sites-enabled/flask.conf (flask.conf to be replace to your configure name)

server {
    listen      80;
    server_name admin.domain.com;
    charset     utf-8;
    client_max_body_size 75M;

  
    location / {
        include uwsgi_params;
        uwsgi_pass unix:/var/www/app/uwsgi.sock;
    }

    location /static {
    root /var/www/app/;
    }
}

server {
    listen                443;
    ssl                   on;
    ssl_certificate       /etc/ssl/certs/localssl.crt;
    ssl_certificate_key   /etc/ssl/private/localssl.key;
    keepalive_timeout     70;
    server_name           admin.domain.com;
   
    charset     utf-8;
    client_max_body_size 75M;


    location / {
        include uwsgi_params;
        uwsgi_pass unix:/var/www/app/uwsgi.sock;
    }

    location /static {
    root /var/www/app/;
    }
}

7. add admin.domain.com to /etc/hosts

echo '127.0.0.1    admin.domain.com'

8. reload nginx

sudo nginx -s reload

reference: SSL on localhost with nginx
Ubuntu Gutsy - self signed SSL certificates and Nginx

留言

這個網誌中的熱門文章

相見恨晚的自動化測試開發工具 Sikuli

[IIS] 自我簽署憑證來啟用SSL

台北市安心地圖