Configurare HTTPS Nginx cu un certificat SSL autosemnat.
It’s not recommended to use HTTPS without a valid SSL/TLS certificate. Certificatul este folosit pentru a cripta comunicarea dintre server și client, și fără un certificat valabil, the connection will not be encrypted and will be vulnerable to attacks.
in orice caz, if you still want to use HTTPS without a valid SSL/TLS certificate, you can do so by using a self-signed certificate or a certificate issued by a private Certificate Authority (CA). Here’s how to do it using nginx:
- Generate a self-signed certificate:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx-selfsigned.key -out /etc/nginx/ssl/nginx-selfsigned.crt
This command generates a self-signed certificate and key with a validity of 365 days and saves them to /etc/nginx/ssl/nginx-selfsigned.key
și /etc/nginx/ssl/nginx-selfsigned.crt
respectively.
- Configure nginx to use the self-signed certificate:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl/nginx-selfsigned.crt;
ssl_certificate_key /etc/nginx/ssl/nginx-selfsigned.key;
# other server configurations
}
This configuration tells nginx to listen on port 443 (HTTPS) and use the self-signed certificate and key for SSL/TLS encryption.
Note that self-signed certificates are not trusted by default by web browsers and will result in a warning message when a user tries to access the website. To avoid this, you can install the self-signed certificate on the client devices or use a valid SSL/TLS certificate issued by a trusted CA.