openssl genrsa -des3 -out thesuki.key 1024 openssl req -new -key thesuki.key -out thesuki.csr openssl x509 -req -days 700 -in thesuki.csr -signkey thesuki.key -out thesuki.crt
server { listen 443; server_name nagios.thesuki.org; ### SSL log files ### access_log /var/log/nginx/nagios.thesuki.org-ssl-access.log; error_log /var/log/nginx/nagios.thesuki.org-ssl-error.log; ### SSL cert files ### ssl on; ssl_certificate /etc/nginx/ssl/thesuki.crt; ssl_certificate_key /etc/nginx/ssl/thesuki.key; ### Add SSL specific settings here ### keepalive_timeout 600; proxy_read_timeout 600; ### Limiting Ciphers ######################## # Uncomment as per your setup #ssl_ciphers HIGH:!ADH; #ssl_perfer_server_ciphers on; #ssl_protocols SSLv3; ############################################## ### We want full access to SSL via backend ### location / { ... } }