Subscribe to Email Updates

    Settings encryption | 2 min read

    Add a SSL Certificate on Web Console Administration

    By default, the Web Console Administration is accessible on HTTP.

    You can add a SSL Certificate to the Web Console Administration.

    There are multiple types of certificates that can be used to enable SSL.

    1. Self-Signed Certificate

    Preamble

    We consider in this example the following parameters 

    • Certificate validity period of key SSL is 365 days
    • Private key file name is "server.key"
    • Certificate file name is "server.crt"

    1. Creation of the self-signed certificate 


    [root@nodeum]# cd /opt/nginx
    [root@nodeum nginx]# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
    Generating a RSA private key ..........+++++
    ..................................................................................................................+++++
    writing new private key to '/ opt/nginx/secret.key' ----
    You are about to be asked to enter information that will be incorporated into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value, If you enter '.', the field will be left blank.
    ----
    Country Name (2 letter code) [AU]:US
    State or Province Name (full name) [Some-State]:California
    Locality Name (eg, city) []:Newyork
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Webdock
    Organizational Unit Name (eg, section) []:IT
    Common Name (e.g. server FQDN or YOUR name) []:site1.example.com
    Email Address []:admin@example.com
    Please enter the following 'extra' attributes to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    [root@nodeum nginx]#

    Creation of 2048 bit Diffie-Hellman RSA key parameters

    [root@nodeum nginx]# sudo openssl dhparam -out dhparam.pem 2048

    Once done, it's required to update the NGINX configuration file , we recommend to backup the configuration before any changes.

    [root@nodeum nginx]# cd ./conf/ 
    [root@nodeum conf]# vi nodeum.conf
    ...
    server {       
    listen 80;

    # ADD SSL CONFIG    
    listen 443 ssl;    
    server_name nodeum-qualif.mt-c.local;        
    ssl_certificate      /opt/nginx/server.crt;        
    ssl_certificate_key  /opt/nginx/server.key;        
    ssl_dhparam          /opt/nginx/dhparam.pem;
    # END SSL CONFIG

    ...
    }
    [root@nodeum conf]# systemctl restart nginx

     

     

    Related Categories

    Settings encryption

    You may also like:

    Workflow Settings Best Practice

    Primary Storage

    Definition Primary storage is the type of storage and technologies used to store and retain digital information that is ...

    Settings encryption

    Enable SSL Certificate Container accessible on S3 Protocol

    By default, the Containers are accessible on S3 with HTTP protocol. You can add a SSL Certificate to allow data encrypti...

    Settings encryption S3

    Setup SSE to encrypt S3 Buckets

    Description S3 connector is compatible with the Server-side encryption. This encryption solution is about protecting dat...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.

    Learn and grow with award-winning support and a thriving community behind you.

    Get the free version