Nginx SSL設定
ローカルでNginxがSSLで通信できるようにする
Docker使って立ち上げる場合
Nginx Docker 最小構成
self-signed 証明書の発行
秘密鍵を生成
openssl genrsa 4096 > server.key
CSR(署名リクエスト)の作成
openssl req -new -key server.key > server.csr
SSL証明書生成
openssl x509 -days 365 -req -signkey server.key < server.csr > server.crt
server.key, server.csr, server.crtを/etc/nginx/sslにおいておく
code:nginx.conf
events {}
http {
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
server {
listen 80;
server_name localhost;
return 301 https://$host$request_uri;
}
server {
# ssl settings
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
root /var/www/html;
index index.html;
}
}
再起動
service nginx reload
動作確認
curl http://localhostで301
curl --insecure https://localhostで200
ref
https://rinoguchi.hatenablog.com/entry/2019/05/31/135145