How to set up HTTPS with nginx?
Published on Aug. 22, 2023, 12:19 p.m.
To set up HTTPS with nginx, you need to create an SSL/TLS certificate and configure nginx to use it. Here are the general steps:
- Obtain an SSL/TLS certificate from a trusted certificate authority (CA), or generate a self-signed certificate if you’re testing or prototyping.
- Add the SSL/TLS certificate and private key to your server.
- Edit your nginx configuration file and add a new server block for HTTPS.
- In the new server block, add the ssl parameter to the listen directive, and specify the locations of the SSL/TLS certificate and private key files.
- Set up a redirect from HTTP to HTTPS, if desired.
Here’s an example of what the server block in your nginx configuration file might look like for HTTPS:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /path/to/ssl.crt;
ssl_certificate_key /path/to/ssl.key;
# other configuration options...
}
Note that you can also specify additional SSL/TLS options, such as the allowed protocols, ciphers, and DH parameters, by using the related configuration parameters. For example, to set the allowed protocols to TLSv1.2 and TLSv1.3 only, you can add the following line to your server block:
ssl_protocols TLSv1.2 TLSv1.3;
After you’ve made changes to the nginx configuration file, you need to reload the nginx service to apply the changes.