Nginx Apache SSL Example

-------------- NGINX -> ** /etc/nginx/sites-available/domainx.conf**

server {
listen 80;
servername xxxxx.domainx.com;
return 301 https://$host$requesturi;
}

server {
listen 443 ssl;
servername xxxxx.domainx.com;
sslcertificate /etc/nginx/ssl/cert_domainx.crt;
sslcertificatekey /etc/nginx/ssl/cert_domainx.key;
location / {
proxypass https://192.168.0.100:6443;
proxysetheader X-Real-IP $remoteaddr;
proxysetheader X-Forwarded-For $proxyaddxforwardedfor;
proxysetheader X-Forwarded-Proto https;
proxysetheader X-Forwarded-Port 443;
proxysetheader Host $host;
}
}
*-------------- APACHE -> * ports.conf
Listen 8085

<IfModule ssl_module>
Listen 6443
</IfModule>

<IfModule mod_gnutls.c>
Listen 6443
</IfModule>
*-------------- APACHE -> * 000-default.conf

<VirtualHost *:**8085**>
ServerName xxxxx.domainx.com
Redirect permanent / https://xxxxx.domainx.com/
</VirtualHost>

<VirtualHost *:**6443**>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName xxxxx.domainx.com

ServerAdmin **webmaster@localhost**
DocumentRoot /var/www/html

SSLEngine on
SSLCertificateFile **/etc/apache2/ssl/cert_domainx.crt**
SSLCertificateKeyFile **/etc/apache2/ssl/cert_domainx.key**
SSLCACertificateFile **/etc/apache2/ssl/cert_intermediate.crt**

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>

Leave a Reply

Your email address will not be published. Required fields are marked *