WEB Servers

Configuring HTTPS server – Nginx

Generate a new private key and a Certificate Signing Request

openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.req

Generate a certificate signing request (CSR) for an existing private key

openssl req -new -key example.com.key -out example.com.req

Edit nginx configuration

sudo vim /etc/nginx/sites-available/default
server {
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    ssl_certificate     /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;
}

Redirect to HTTPS

sudo vim /etc/nginx/sites-available/default
server {
        listen 80 default_server;
        listen [::]:80 default_server;
        return 301 https://$host$request_uri;
}

Restart nginx

sudo systemctl restart nginx.service