Nginx : SSL/TLS Setting


[1] . Configure Nginx. For example, enable SSL/TLS on default site.

 
[root@www ~]# vi /etc/nginx/conf.d/ssl.conf
# add to the end

# replace servername and path of certificates to your own one

server {
    listen       443 ssl http2 default_server;
    listen       [::]:443 ssl http2 default_server;
    server_name  www.srv.world;
    root         /usr/share/nginx/html;

    ssl_certificate "/etc/letsencrypt/live/www.srv.world/fullchain.pem";
    ssl_certificate_key "/etc/letsencrypt/live/www.srv.world/privkey.pem";
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;
    ssl_ciphers PROFILE=SYSTEM;
    ssl_prefer_server_ciphers on;

    include /etc/nginx/default.d/*.conf;

    location / {
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

[root@www ~]# systemctl restart nginx

[2] . If you'd like to set HTTP connection to redirect to HTTPS (Always on SSL/TLS), configure like follows.

 
[root@www ~]# vi /etc/nginx/nginx.conf
# add into the section of listening 80 port

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        return       301 https://$host$request_uri;
        server_name  www.srv.world;
        root         /usr/share/nginx/html;

[root@www ~]# systemctl restart nginx

[3]. If Firewalld is running, allow HTTPS service. HTTPS uses [443/TCP].

 
[root@www ~]# firewall-cmd --add-service=https --permanent
 success
[root@www ~]# firewall-cmd --reload
 success

 
[4] .Verify to access to the test page from a client computer with a Web browser via HTTPS. If you set Always On SSL/TLS, access with HTTP to verify the connection is redirected to HTTPS normally, too.

 

 

 

Comments

Post a Comment

Popular posts from this blog

Java : Variables Declaring

[1]. Java Variables Variables are containers for storing data values. In Java, there are different types of variables, for example: String - stores text, such as "Hello". String values are surrounded by double quotes int - stores integers (whole numbers), without decimals, such as 123 or -123 float - stores floating point numbers, with decimals, such as 19.99 or -19.99 char - stores single characters, such as 'a' or 'B'. Char values are surrounded by single quotes boolean - stores values with two states: true or false [2]. Declaring (Creating) Variables To create a variable, you must specify the type and assign it a value: Syntax type variable = value ; Where type is one of Java's types (such as int or String), and variable is the name of the variable (such as x or name). The equal sign is used to assign values to the variable. To create a variable that should store text, look at the following example: Example Create a variable called  name  of type  Stri...
Read more

Install DNF in RHEL/CentOS 7

  Install DNF in RHEL/CentOS 7 DNF stands for Dandified yum. DNF is a software package manager for RPM-based Linux distributions such as Fedora, RHEL and CentOS. It is the next upcoming major version of Yum. DNF is first introduced in Fedora and has replaced to become the default package manager of the Fedora distributions. DNF is same as Yum that installs, updates and removes packages on RPM bas4ed Linux systems. DNF is introduced for improving the bottlenecks of Yum such as performance, Memory usages, Dependency resolution, speed, and some other factors. The latest stable release of DNF is 1.0 and it is written in Python.   Installation of DNF in RHEL/CentOS 7 1) To install DNF on RHEL/CentOS 7 systems, you need to set up and enable epel YUM REPO before installing DNF. # yum install epel-release 2) Install DNF # yum install DNF 3) You can now start to run commands using DNF. To view the man page you can use the following command: # dnf –help
Read more

SQL Self JOIN

SQL Self JOIN A self JOIN is a regular join, but the table is joined with itself. Self JOIN Syntax SELECT column_name(s) FROM table1 T1, table1 T2 WHERE condition; T1 and T2 are different table aliases for the same table.
Read more