User Tools

Site Tools

Trace:
nginx_ssl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
nginx_ssl [2015/04/06 14:04] luke7858nginx_ssl [2024/05/23 07:26] (current) – external edit 127.0.0.1
Line 1: Line 1:
-You will need two server blocks for this:+==Files:== 
 +^ Directive               ^ Path to Enter                              |        
 +| ssl_certificate         | Certificate file + Intermidiate bundle  path |     
 +| ssl_certificate_key     | Key file path                                |    
 +ssl_certificate = .crt + .ca \\ 
 +ssl_certificate = 'cat Intermediate.txt >> your_domain_com.bundle' 
 +------------ 
 +\\ 
 +To configure and redirect nginx properly and cleanly you need 3 nginx server blocks
 +\\ 
 +The blocks below show a site that is redirected to https://non-www.domain 
 +\\ 
 +A quick overview of these nginx blocks can be found below: 
 +<code> 
 +server 80  -> Used to redirect 
 +Domains          : ALL domains 
 +DocRoot specified: NO (: YES if site is combo of http and https) 
 +Redirect         : https://domain # note non-www (: NO if site is combo of http and https) 
 + 
 +server 443 -> Used to redirect 
 +Domains          : www.domain 
 +DocRoot specified: NO 
 +Redirect         : https://domain # note non-www 
 + 
 +server 443 -> Delivers content 
 +Domains          : ONLY non-www 
 +DocRoot specified: YES 
 +Redirect         NO 
 +</code> 
 +\\ 
 +------------ 
 +\\ 
 +\\ 
 +If the customers application is taking care of the redirects then we can use the following example. \\ 
 +The example below shows configuration with 2 nginx files
  
 <sxh bash> <sxh bash>
Line 14: Line 48:
  
     access_log /var/log/nginx/example.co.uk.access.log;     access_log /var/log/nginx/example.co.uk.access.log;
-    error_log /var/log/nginx/example.co.uk.access.log;+    error_log /var/log/nginx/example.co.uk.error.log;
  
 +    location / {
 +        index index.html index.htm index.php;
 +        try_files $uri $uri/ =404;
 +    }
  
     ssl on;     ssl on;
     ssl_certificate /etc/httpd/conf/ssl/ssl.crt/example.co.uk.crt;     ssl_certificate /etc/httpd/conf/ssl/ssl.crt/example.co.uk.crt;
     ssl_certificate_key /etc/httpd/conf/ssl/ssl.key/example.co.uk.key;     ssl_certificate_key /etc/httpd/conf/ssl/ssl.key/example.co.uk.key;
 +    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #used to prevent poodle attacks for outdated protocols
  
- 
-location / { 
-        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; 
-        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; 
-        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; 
-        rewrite ^/(?!lib/)(.*) /doku.php?id=$1&$args last; 
-} 
  
 location ~ \.php$ { location ~ \.php$ {
Line 37: Line 69:
 } }
 </sxh> </sxh>
 +\\
 +\\
nginx_ssl.1428329074.txt.gz · Last modified: 2024/05/23 07:26 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki