Nginx https: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „<pre> server { listen 443 ssl default_server; listen [::]:443 ssl default_server; root /var/www/html; index index.html index.htm index.nginx-d…“) |
|||
| (8 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| + | ==SSL Certifikat erstellen== | ||
| + | |||
| + | sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt | ||
| + | |||
| + | ==Website mit Zertifikat verknüpfen== | ||
| + | |||
| + | *vim /etc/nginx/sites-available/website | ||
| + | |||
<pre> | <pre> | ||
server { | server { | ||
| − | listen | + | listen 80; |
| − | + | server_name www.it113.int; | |
| − | + | return 301 https://$host$request_uri; | |
| − | |||
| − | server_name | + | } |
| + | |||
| + | server { | ||
| + | listen 443 ssl; | ||
| + | server_name www.it113.int; | ||
| + | listen [::]:443; | ||
| − | ssl_certificate /etc/ssl/certs/ | + | ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; |
| − | ssl_certificate_key /etc/ssl/private/ | + | ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; |
ssl_protocols TLSv1.2 TLSv1.3; | ssl_protocols TLSv1.2 TLSv1.3; | ||
| + | ssl_ciphers HIGH:!aNULL:!MD5; | ||
ssl_prefer_server_ciphers on; | ssl_prefer_server_ciphers on; | ||
| − | + | ||
| + | |||
| + | root /var/www/html/website; | ||
| + | index index.html index.htm; | ||
| + | |||
| + | server_name _; | ||
location / { | location / { | ||
try_files $uri $uri/ =404; | try_files $uri $uri/ =404; | ||
| + | |||
} | } | ||
| + | |||
} | } | ||
| + | |||
</pre> | </pre> | ||
Aktuelle Version vom 14. März 2025, 08:28 Uhr
SSL Certifikat erstellen
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
Website mit Zertifikat verknüpfen
- vim /etc/nginx/sites-available/website
server {
listen 80;
server_name www.it113.int;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name www.it113.int;
listen [::]:443;
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /var/www/html/website;
index index.html index.htm;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}