Nginx web server with SSL

-
Some Web sites, such as on-line stores, require secure communication (HTTPS) to protect credit-card transactions and customer information. Like Apache, Nginx supports HTTPS via an SSL module, and it’s very easy to set up.
In this tutorial i use hostname srv-web01.nginx.vn with the ip address 10.11.218.251.
First, you need to generate an SSL certificate. The openssl command will ask you a bunch of questions, but you simply can press Enter for each one:
# yum install openssl
# mkdir /etc/nginx/ssl
# cd /etc/nginx/ssl
# openssl req -new -x509 -nodes -days 265 -newkey rsa:2048 -out server.crt -keyout server.key
Create a new config file called /etc/nginx/sites-available/nginx.vn, which contains the following:

server {

listen 443;

server_name nginx.vn;

root /var/www/nginx.vn

index index.html index.htm

access_log /var/log/nginx/nginx.vn-access.log;

error_log /var/log/nginx/nginx.vn-error.log;

ssl on;

ssl_certificate /etc/nginx/ssl/server.crt;

ssl_certificate_key /etc/nginx/ssl/server.key;

}
Create the root directory and index.html file:
# mkdir /var/www/nginx.vn
# cd /var/www/nginx.vn
# echo “Nginx web server with SSL” > index.html
Enable the site and restart Nginx:
# cd /etc/nginx/sites-enabled
# ln -s ../sites-available/nginx.vn .
# /etc/init.d/nginx restart
open your web browser and go to https://10.11.218.251/

Comments

Post a Comment

Popular posts from this blog

Redirect all unencrypted traffic to HTTPS in Apache

-
To redirect all HTTP traffic to HTTPS administrators are encouraged to issue a permanent redirect using the 301 status code. When using Apache this can be achieved by a setting such as the following in the Apache VirtualHosts config: <VirtualHost *:80> ServerName example.com Redirect permanent / https://example.com/ </VirtualHost>
Read more

Web Servers Load balancing with HAProxy

-
HAProxy is a free, very fast and reliable solution offering  high availability , load balancing , and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world’s most visited ones. See more at  http://haproxy.org This tuturial, I use hostname and ip as follows: 10.11.218.250 (haproxy) 10.11.218.251 (srv-web01) 10.11.218.252 (srv-web02) Installing HAProxy server #yum install haproxy [RedHat Systems] #apt-get install haproxy [Debian Systems] Configuring HAProxy Server Opening the main HAProxy configuration file ‘/etc/haproxy/haproxy.cfg’ and editing the following content: #---------------------------------------------------------------- # Global settings global # need to: # to have these messages end up in /var/log/haproxy.log you will # # by adding the '-r' option to the SYSLOGD_OPTIONS in # 1) configure syslog to accept network log events. This i
Read more

Using nginx as http load balancer

-
Image
Load balancing across multiple application instances is a commonly used technique for optimizing resource utilization, maximizing throughput, reducing latency, and ensuring fault-tolerant configurations. Nginx is a very efficient HTTP load balancer to distribute traffic to several application servers and to improve performance, scalability and reliability of web applications. Nginx Load balancing methods The following load balancing mechanisms (or methods) are supported in nginx: round-robin least-connected ip-hash See detail at http://nginx.org/en/docs/http/load_balancing.html Initialization Nginx Load Banlancing In this tutorial I use any hostname and ip addresses as follows: srv-lb01 (10.11.218.250) (Nginx load balancer) srv-web01 (10.11.218.251) ( Web server) srv-web02 (10.11.218.252) ( Web server) srv-web03 (10.11.218.253) ( Web server) Note: pointing nginx.vn to 10.11.218.250 (Replace nginx.vn with your real site name) Default load balancing c
Read more