Setting up a Basic HTTPS Config on Nginx
bartron on 1/3/2021
For this walk through, we'll create an SSL certificate. I used Let's Encrypt This. (https://certbot.eff.org/#ubuntuxenial-nginx)
sudo apt-get install letsencrypt
sudo letsencrypt certonly --standalone -d example.com -d www.example.com
You may have to stop and start nginx depending on your configuration when you request a certificate. Here are the two commands:
sudo service ngnix stop
sudo service ngnix start
This part is optional, but if you want to redirect all HTTP traffic over to HTTPS, you can insert an additional server block into your nginx site config:
server {
listen 80;
server_name www.example.com;
return 301 https://$server_name$request_uri;
}
The next part is the most critical. Basically you just listen on the standard port for HTTPS (443), enable SSL and provide the directory to your SSL certificate and key:
server {
listen 443;
ssl on;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name www.example.com;
...
}
That's basically it. If you're hosting asp.net core app behind nginx, no changes are necessary. You can still reverse proxy to HTTP, just like before.
To renew your certificate, stop nginx or apache, and use this command:
sudo letsencrypt renew