openssl genrsa -des3 -out thesuki.key 1024
openssl req -new -key thesuki.key -out thesuki.csr
openssl x509 -req -days 700 -in thesuki.csr -signkey thesuki.key -out thesuki.crt
server {
listen 443;
server_name nagios.thesuki.org;
### SSL log files ###
access_log /var/log/nginx/nagios.thesuki.org-ssl-access.log;
error_log /var/log/nginx/nagios.thesuki.org-ssl-error.log;
### SSL cert files ###
ssl on;
ssl_certificate /etc/nginx/ssl/thesuki.crt;
ssl_certificate_key /etc/nginx/ssl/thesuki.key;
### Add SSL specific settings here ###
keepalive_timeout 600;
proxy_read_timeout 600;
### Limiting Ciphers ########################
# Uncomment as per your setup
#ssl_ciphers HIGH:!ADH;
#ssl_perfer_server_ciphers on;
#ssl_protocols SSLv3;
##############################################
### We want full access to SSL via backend ###
location / {
...
}
}
openssl genrsa -des3 -out thesuki.key 1024 openssl req -new -key thesuki.key -out thesuki.csr openssl x509 -req -days 700 -in thesuki.csr -signkey thesuki.key -out thesuki.crt
server { listen 443; server_name nagios.thesuki.org; ### SSL log files ### access_log /var/log/nginx/nagios.thesuki.org-ssl-access.log; error_log /var/log/nginx/nagios.thesuki.org-ssl-error.log; ### SSL cert files ### ssl on; ssl_certificate /etc/nginx/ssl/thesuki.crt; ssl_certificate_key /etc/nginx/ssl/thesuki.key; ### Add SSL specific settings here ### keepalive_timeout 600; proxy_read_timeout 600; ### Limiting Ciphers ######################## # Uncomment as per your setup #ssl_ciphers HIGH:!ADH; #ssl_perfer_server_ciphers on; #ssl_protocols SSLv3; ############################################## ### We want full access to SSL via backend ### location / { ... } }