Subscribe to Email Updates

    Settings encryption | 2 min read

    Add a SSL Certificate on Web Console Administration

    By default, the Web Console Administration is accessible on HTTP.

    You can add a SSL Certificate to the Web Console Administration.

    There are multiple types of certificates that can be used to enable SSL.

    1. Self-Signed Certificate

    Preamble

    We consider in this example the following parameters 

    • Certificate validity period of key SSL is 365 days
    • Private key file name is "server.key"
    • Certificate file name is "server.crt"

    1. Creation of the self-signed certificate 


    [root@nodeum]# cd /opt/nginx
    [root@nodeum nginx]# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
    Generating a RSA private key ..........+++++
    ..................................................................................................................+++++
    writing new private key to '/ opt/nginx/secret.key' ----
    You are about to be asked to enter information that will be incorporated into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value, If you enter '.', the field will be left blank.
    ----
    Country Name (2 letter code) [AU]:US
    State or Province Name (full name) [Some-State]:California
    Locality Name (eg, city) []:Newyork
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Webdock
    Organizational Unit Name (eg, section) []:IT
    Common Name (e.g. server FQDN or YOUR name) []:site1.example.com
    Email Address []:admin@example.com
    Please enter the following 'extra' attributes to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    [root@nodeum nginx]#

    Creation of 2048 bit Diffie-Hellman RSA key parameters

    [root@nodeum nginx]# sudo openssl dhparam -out dhparam.pem 2048

    Once done, it's required to update the NGINX configuration file , we recommend to backup the configuration before any changes.

    [root@nodeum nginx]# cd ./conf/ 
    [root@nodeum conf]# vi nodeum.conf
    ...
    server {       
    listen 80;

    # ADD SSL CONFIG    
    listen 443 ssl;    
    server_name nodeum-qualif.mt-c.local;        
    ssl_certificate      /opt/nginx/server.crt;        
    ssl_certificate_key  /opt/nginx/server.key;        
    ssl_dhparam          /opt/nginx/dhparam.pem;
    # END SSL CONFIG

    ...
    }
    [root@nodeum conf]# systemctl restart nginx

     

     

    Related Categories

    Settings encryption

    You may also like:

    Settings encryption

    Enable SSL Certificate Container accessible on S3 Protocol

    By default, the Containers are accessible on S3 with HTTP protocol. You can add a SSL Certificate to allow data encrypti...

    Settings encryption S3

    Setup SSE to encrypt S3 Buckets

    Description S3 connector is compatible with the Server-side encryption. This encryption solution is about protecting dat...

    Settings

    Software Appliance Backup feature

    Software Appliance Backup Feature This backup feature save all important information which allow a restoration of the sy...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.

    Learn and grow with award-winning support and a thriving community behind you.

    Get the free version