Nginx Reverse proxy | HTTP and HTTPS | SSL/TLS

 

Nginx Reverse proxy | HTTP and HTTPS | SSL/TLS







                                      


1- creation 2 folder path var/www/
  user1/index.html
  user2/index.html
2-in folder nano  /etc/ngnx/site-available/ user1.conf
server {
        listen 80;
        listen [::]:80;
        root /var/www/user1;
        index  index.html  index.htm;
        server_name user1.local
    location / {
        try_files $uri $uri/ =404;
               }
       }

in folder nano  /etc/ngnx/site-available/ user2.conf
server {
        listen 80;
        listen [::]:80;
        root /var/www/user1;
        index  index.html  index.htm;
        server_name user2.local
    location / {
        try_files $uri $uri/ =404;
               }
       }
3-création  link.
sudo ln -s /etc/nginx/sites-availlable/user1.conf /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/user1.conf /etc/nginx/sites-enabled/
ls -l /etc/nginx/sites-enabled/
change owner to www-data
chown -R www-data:www-data user1
chown -R www-data:www-data user2
sudo nginx-t ///test
Test on local machine :
4-In host file insert the Following.
 192.168.1.1 user1.local
192.168.1.1 user2.local
http;//user1.local
http;//user2.local








Create self-signed SSL certificate with OpenSSL



     







Create a self-signed SSL certificate with OpenSSL

  • In this post we will explore how to create a self-signed SSL certificate files using OpenSSL

  • OpenSSL is a toolkit for cryptography

What is a self-signed certificate

  • A self-signed certificate is a digital certificate that is signed by its own creator, rather than a trusted third-party Certificate Authority (CA). They are often used in development and testing environments where CA is not necessary

  • The following files will be generated for a self-signed certificate

    • cert.pem - Certificate file. This contains the public key, certificate information like subject, department, Organizational unit, country etc.

    • key.pem - encrypted private key file. This contains the private key

    • certificate.pfx - contains both certificate and private key information in a single file

Install OpenSSL


sudo apt update

sudo apt install openssl  libssl-dev

Certificate and private key files generation

Command for Interactive mode

  • Upon running the following command, the files cert.pem and key.pem are generated after answering the questions by openssl.

openssl req -x509 -newkey rsa:4096 -keyout  key.pem -out cert.pem -sha256 -days 365

Command for Non-interactive and 10 years expiration


openssl req -x509 -newkey rsa:4096 -keyout  key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"

Create pfx file from certificate and key files

  • The following command creates the pfx file (certificate.pfx) from key.pem and cert.pem files

openssl pkcs12 -export -out certificate.pfx -inkey  key.pem -in cert.pem

Check PFX contents:

  • Run the following command to check if the pfx file is valid and the contents of pfx file

openssl pkcs12 -info -in certificate.pfx

No comments:

Post a Comment

Subscribe to: Comments (Atom)

Networking Fundamentals Course

CISCO SYSTEMS                                                         in this blog we will learn together the different  layer 2 and 3 netwo...

  • Networking Fundamentals Course
    CISCO SYSTEMS                                                         in this blog we will learn together the different  layer 2 and 3 netwo...