ood Evening lodgers....
Today am going to show you, how to go about accessing https/ssl site's using chocolate & IWP via nginX webserver through ya vps server.
This is do it ya self tutorial, and if you face problem in doing this feel free to discuss it here... I will attend to ya when i have the time
Firstly, you need to have nginx already
installed and running on your VPS.
If this is not the case, you can go to my recent thread on how to install nginX webserver.
Step One—Create a Directory for
the Certificate:
The SSL certificate has 2 parts main parts: the
certificate itself and the public key. To make
all of the relevant files easy to access, we
should create a directory to store them in:
sudo mk dir /etc/nginx/ssl
We will perform the next few steps within
the directory:
cd /etc/nginx/ssl
Step Two—Create the Server Key
and Certificate Signing Request:
Start by creating the private server key.
During this process, you will be asked to
enter a specific passphrase. Be sure to note
this phrase carefully, if you forget it or lose
it, you will not be able to access the
certificate.
sudo openssl genrsa -des3 -out server.key1024
Follow up by creating a certificate signing
request:
sudo openssl req -new -key server.key -out server.csr
This command will prompt terminal to
display a lists of fields that need to be filled
in.
The most important line is "Common Name".
Enter your official domain name here or, if
you don't have one yet, your site's/vps IP
address. Leave the challenge password and
optional company name blank.
Step Three—Remove the
Passphrase:
We are almost finished creating the
certificate. However, it would serve us to
remove the passphrase. Although having the
passphrase in place does provide heightened
security, the issue starts when one tries to
reload nginx. In the event that nginx crashes or needs to reboot, you will always have to
re-enter your passphrase to get your entire
web server back online.
sudo cp server.key server.key.org
sudo openssl rsa -in server.key.org -out server.key
Step Four— Sign your SSL
Certificate :
Your certificate is all but done, and you just
have to sign it.
Keep in mind that you can specify how long
the certificate should remain valid by
changing the 365 to the number of days you
prefer. As it stands this certificate will expire
after one year.
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
You are now done making your certificate.
Step Five—Set Up the Certificate:
Now we have all of the required components
of the finished certificate.The next thing to do
is to set up the virtual hosts to display the
new certificate.
Let's create new file with the same default
text and layout as the standard virtual host
file. You have to replace "example" in the
command with whatever name you prefer:
sudo cp /etc/nginx/sites -available /default/etc/nginx/sites -available/example
Then go ahead and open up that new file:
sudo nano /etc/nginx/sites -available/example
Scroll down to the bottom of the file and find
the section that begins with this:
Uncomment within the section under the line
HTTPS Server. Match your config to the
information above, replacing the
example.com in the "server_name" line with
your domain name or vps IP address.
Subsequently, add in the correct directory for your site (the above configuration includes
the default nginx page).
Additionally, make sure that both of these
lines are commented out in the line toward
the beginning of the file that says:
N.B Change local host to ya vps ip.
N.B Uncomment means.. Removing "#" sign
Step Six—Activate the Virtual Host:
The last step is to activate the host by
creating a symbolic link between the sites-
available directory and the sites-enabled
directory.
sudo ln -s /etc/nginx/sites -available/example /etc/nginx/sites -enabled/example
Then restart nginx:
sudo service nginx restart
Now, you can access HTTPS/SSL sites via ya chocolate and iwp using ya ngniX powered by openssl mod_TLS v2
Don't forget to LIKE my work
Enjoy Guyz
MORE METHOD ON HOW TO GO ABOUT THIS STILL COMING!!!
Today am going to show you, how to go about accessing https/ssl site's using chocolate & IWP via nginX webserver through ya vps server.
This is do it ya self tutorial, and if you face problem in doing this feel free to discuss it here... I will attend to ya when i have the time
Firstly, you need to have nginx already
installed and running on your VPS.
If this is not the case, you can go to my recent thread on how to install nginX webserver.
Step One—Create a Directory for
the Certificate:
The SSL certificate has 2 parts main parts: the
certificate itself and the public key. To make
all of the relevant files easy to access, we
should create a directory to store them in:
sudo mk dir /etc/nginx/ssl
We will perform the next few steps within
the directory:
cd /etc/nginx/ssl
Step Two—Create the Server Key
and Certificate Signing Request:
Start by creating the private server key.
During this process, you will be asked to
enter a specific passphrase. Be sure to note
this phrase carefully, if you forget it or lose
it, you will not be able to access the
certificate.
sudo openssl genrsa -des3 -out server.key1024
Follow up by creating a certificate signing
request:
sudo openssl req -new -key server.key -out server.csr
This command will prompt terminal to
display a lists of fields that need to be filled
in.
The most important line is "Common Name".
Enter your official domain name here or, if
you don't have one yet, your site's/vps IP
address. Leave the challenge password and
optional company name blank.
Code:
Y o u a r e a b o u t t o b e a s k e d t o e n t e r i n f o rma t i o n t h a t w i l l b e i n c o r p o r a t e d i n t o y o u r c e r t i f i c a t e r e q u e s t . Wh a t y o u a r e a b o u t t o e n t e r i s wh a t i s c a l l e d a D i s t i n g u i s h e d N ame o r a DN . T h e r e a r e q u i t e a f ew f i e l d s b u t y o u c a n l e a v e s ome b l a n k F o r s ome f i e l d s t h e r e w i l l b e a d e f a u l t v a l u e , I f y o u e n t e r ' . ' , t h e f i e l d w i l l b e l e f t b l a n k . - - - - - C o u n t r y N ame ( 2 l e t t e r c o d e ) [ A U ] : U S S t a t e o r P r o v i n c e N ame ( f u l l n ame ) [ S ome - S t a t e ] : N ew Y o r k L o c a l i t y N ame ( e g , c i t y ) [ ] : N Y C O r g a n i z a t i o n N ame ( e g , c omp a n y ) [ I n t e r n e t W i d g i t s P t y L t d ] : Awe s ome I n c O r g a n i z a t i o n a l U n i t N ame ( e g , s e c t i o n ) [ ] : D e p t o f Me r r i me n t C ommo n N ame ( e . g . s e r v e r F Q DN o r Y O U R n ame ) [ ] : e x amp l e . c om Ema i l A d d r e s s [ ] : we bma s t e r@awe s ome i n c . c om
Passphrase:
We are almost finished creating the
certificate. However, it would serve us to
remove the passphrase. Although having the
passphrase in place does provide heightened
security, the issue starts when one tries to
reload nginx. In the event that nginx crashes or needs to reboot, you will always have to
re-enter your passphrase to get your entire
web server back online.
sudo cp server.key server.key.org
sudo openssl rsa -in server.key.org -out server.key
Step Four— Sign your SSL
Certificate :
Your certificate is all but done, and you just
have to sign it.
Keep in mind that you can specify how long
the certificate should remain valid by
changing the 365 to the number of days you
prefer. As it stands this certificate will expire
after one year.
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
You are now done making your certificate.
Step Five—Set Up the Certificate:
Now we have all of the required components
of the finished certificate.The next thing to do
is to set up the virtual hosts to display the
new certificate.
Let's create new file with the same default
text and layout as the standard virtual host
file. You have to replace "example" in the
command with whatever name you prefer:
sudo cp /etc/nginx/sites -available /default/etc/nginx/sites -available/example
Then go ahead and open up that new file:
sudo nano /etc/nginx/sites -available/example
Scroll down to the bottom of the file and find
the section that begins with this:
Code:
# H T T P S s e r v e r s e r v e r { l i s t e n 4 4 3 ; s e r v e r _ n ame e x amp l e . c om ; r o o t / u s r / s h a r e / n g i n x /www ; i n d e x i n d e x . h t m l i n d e x . h t m ; s s l o n ; s s l _ c e r t i f i c a t e / e t c / n g i n x / s s l / s e r v e r . c r t ; s s l _ c e r t i f i c a t e _ k e y / e t c / n g i n x / s s l / s e r v e r . k e y ; }
HTTPS Server. Match your config to the
information above, replacing the
example.com in the "server_name" line with
your domain name or vps IP address.
Subsequently, add in the correct directory for your site (the above configuration includes
the default nginx page).
Additionally, make sure that both of these
lines are commented out in the line toward
the beginning of the file that says:
Code:
# Ma k e s i t e a c c e s s i b l e f r om h t t p : / / l o c a l h o s t / # s e r v e r _ n ame l o c a l h o s t ;
N.B Uncomment means.. Removing "#" sign
Step Six—Activate the Virtual Host:
The last step is to activate the host by
creating a symbolic link between the sites-
available directory and the sites-enabled
directory.
sudo ln -s /etc/nginx/sites -available/example /etc/nginx/sites -enabled/example
Then restart nginx:
sudo service nginx restart
Now, you can access HTTPS/SSL sites via ya chocolate and iwp using ya ngniX powered by openssl mod_TLS v2
Don't forget to LIKE my work
Enjoy Guyz
MORE METHOD ON HOW TO GO ABOUT THIS STILL COMING!!!
No comments:
Post a Comment