Nginx Reverse proxy | HTTP and HTTPS | SSL/TLS
1- creation 2 folder path var/www/
user1/index.html
user2/index.html
2-in folder nano /etc/ngnx/site-available/ user1.conf
server {
listen 80;
listen [::]:80;
root /var/www/user1;
index index.html index.htm;
server_name user1.local
location / {
try_files $uri $uri/ =404;
}
}
in folder nano /etc/ngnx/site-available/ user2.conf
server {
listen 80;
listen [::]:80;
root /var/www/user1;
index index.html index.htm;
server_name user2.local
location / {
try_files $uri $uri/ =404;
}
}
3-création link.
sudo ln -s /etc/nginx/sites-availlable/user1.conf /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/user1.conf /etc/nginx/sites-enabled/ls -l /etc/nginx/sites-enabled/change owner to www-data
chown -R www-data:www-data user1
chown -R www-data:www-data user2
sudo nginx-t ///test
Test on local machine :
4-In host file insert the Following.
192.168.1.1 user1.local
192.168.1.1 user2.local
http;//user1.local
http;//user2.local
Create self-signed SSL certificate with OpenSSL
Create a self-signed SSL certificate with OpenSSL
In this post we will explore how to create a self-signed SSL certificate files using OpenSSL
OpenSSL is a toolkit for cryptography
What is a self-signed certificate
A self-signed certificate is a digital certificate that is signed by its own creator, rather than a trusted third-party Certificate Authority (CA). They are often used in development and testing environments where CA is not necessary
The following files will be generated for a self-signed certificate
cert.pem- Certificate file. This contains the public key, certificate information like subject, department, Organizational unit, country etc.key.pem- encrypted private key file. This contains the private keycertificate.pfx- contains both certificate and private key information in a single file
Install OpenSSL
OpenSSL can be downloaded for windows at https://slproweb.com/products/Win32OpenSSL.html
OpenSSL also comes in-built with git bash
OpenSSL can be installed in debian linux operating systems using the following commands
sudo apt update
sudo apt install openssl libssl-dev
Certificate and private key files generation
Command for Interactive mode
- Upon running the following command, the files cert.pem and key.pem are generated after answering the questions by openssl.
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
Command for Non-interactive and 10 years expiration
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
Create pfx file from certificate and key files
- The following command creates the pfx file (certificate.pfx) from key.pem and cert.pem files
openssl pkcs12 -export -out certificate.pfx -inkey key.pem -in cert.pem
Check PFX contents:
- Run the following command to check if the pfx file is valid and the contents of pfx file
openssl pkcs12 -info -in certificate.pfx
No comments:
Post a Comment