By default, the Web Console is accessible on HTTP.
You can add a SSL Certificate to the Web Console.
There are multiple types of certificates that can be used to enable SSL.
1. Self-Signed Certificate
Preamble
We consider in this example the following parameters
- Certificate validity period of key SSL is 365 days
- Private key file name is "server.key"
- Certificate file name is "server.crt"
1. Creation of the self-signed certificate
[root@nodeum]# cd /opt/nginx
[root@nodeum nginx]# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
Generating a RSA private key ..........+++++
..................................................................................................................+++++
writing new private key to '/ opt/nginx/secret.key' ----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value, If you enter '.', the field will be left blank.
----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:Newyork
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Webdock
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:site1.example.com
Email Address []:admin@example.com
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@nodeum nginx]#
Creation of 2048 bit Diffie-Hellman RSA key parameters
[root@nodeum nginx]# sudo openssl dhparam -out dhparam.pem 2048
Once done, it's required to update the NGINX configuration file , we recommend to backup the configuration before any changes.
[root@nodeum nginx]# cd ./conf/
[root@nodeum conf]# vi nodeum.conf
...
server {
listen 80;
# ADD SSL CONFIG
listen 443 ssl;
server_name nodeum-qualif.mt-c.local;
ssl_certificate /opt/nginx/server.crt;
ssl_certificate_key /opt/nginx/server.key;
ssl_dhparam /opt/nginx/dhparam.pem;
# END SSL CONFIG
...
}
[root@nodeum conf]# systemctl restart nginx
Let Us Know What You Thought about this Post.
Put your Comment Below.