Configuring SSL/TLS with Nginx on CentOS

To configure SSL/TLS with Nginx on CentOS, you can follow these steps:

Step 1: Install Nginx

If you haven't installed Nginx, run the following command to install it:

sudo yum install nginx

Step 2: Install OpenSSL

If you don't have OpenSSL installed, install it using the following command:

sudo yum install openssl

Step 3: Create a directory for SSL certificate files

Create a directory to store SSL certificate files:

sudo mkdir /etc/nginx/ssl

Step 4: Generate self-signed SSL/TLS certificates (Optional)

If you are not using SSL certificates from a certificate authority, you can generate self-signed certificates with OpenSSL. This is useful for testing SSL/TLS in a development environment. To create a self-signed certificate, run the following commands:

cd /etc/nginx/ssl
sudo openssl genrsa -out server.key 2048
sudo openssl req -new -key server.key -out server.csr
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5: Configure Nginx to use SSL/TLS

Open the Nginx configuration file for the website you want to secure:

sudo vi /etc/nginx/conf.d/your_domain.conf

Add the following lines to the configuration file to enable SSL:

server {
    listen 80;
    server_name your_domain.com www.your_domain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name your_domain.com www.your_domain.com;

    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;

    # Additional SSL/TLS options can be added here (optional)
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    
    # Additional configurations (if needed)
    
    location / {
        # Reverse proxy configuration (if needed)
    }
}

Step 6: Test and restart Nginx

Check if the Nginx configuration has any errors:

sudo nginx -t

If there are no errors, restart the Nginx service to apply the new configuration:

sudo systemctl restart nginx

Once completed, your website will be secured with SSL/TLS. Note that using self-signed certificates will result in the browser warning about untrusted certificates. To have a trusted SSL/TLS certificate, you need to purchase or obtain a free certificate from a certificate authority.

Configuring SSL/TLS with Nginx on CentOS

Step 1: Install Nginx

Step 2: Install OpenSSL

Step 3: Create a directory for SSL certificate files

Step 4: Generate self-signed SSL/TLS certificates (Optional)

Step 5: Configure Nginx to use SSL/TLS

Step 6: Test and restart Nginx

Related Posts

Popular Tags

Top Posts

TypeScript Integration with Angular, React and Vue.js: Configuration and Benefits in Web Application Development

Javascript html5 canvas triangle shape with rounded corners

Big Data Analytics: Methods and Tools

Add click event to iframe - How to detect a click event on a cross domain iframe - javascript

Hadoop vs Spark: Big Data Processing Technologies

Auto Formatting Currency With Jquery

Networking in Docker: Connecting and Managing Networks in Docker

Outstanding Features of TypeScript: Static Type Checking, Compiler, Module System

Advantages and Disadvantages of Using TypeScript in Application Development

Pros and Cons of Utilizing Cache File in Applications

New Post

What Do You Know About SSR (Server-Side Rendering) and CSR (Client-Side Rendering)? When Should Each Method Be Used?

How to Optimize Front-End Web Performance: Best Practices & Tips

Tech Lead Web Developer Interview Questions: Technical, Leadership & Problem-Solving

Demystifying Tokens: Understanding Their Role and the Significance of Refresh Tokens

Efficient JavaScript Asynchronous: Harnessing Async/Await and Promise

Differences Between Stack and Queue in Data Structures

Understanding Vue.js Composables vs. Mixins - Key Differences

Cloud Search Algorithm in Java: Introduction, Operation

Random Search Algorithm in Java: Introduction, How It Works, Example

Kubernetes: Definition, Functions, and Operation Mechanisms