NGINX SSL Certificate Not Working
Posted
by
LeSamAdmin
on Server Fault
See other posts from Server Fault
or by LeSamAdmin
Published on 2013-10-28T06:17:13Z
Indexed on
2013/10/28
9:55 UTC
Read the original article
Hit count: 159
I've been working on SSL stuff and getting nowhere from like 4 tutorials... I've bought an SSL for pingrglobe.com, and now trying to apply it to my servers. Here's my nginx code:
http {
server {
listen 80;
server_name pingrglobe.com;
rewrite ^(.*) http://www.pingrglobe.com$1 permanent;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/ssl/pingrglobe.crt;
ssl_certificate_key /etc/nginx/ssl/pingrglobe.key;
#enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be used.
ssl_protocols SSLv3 TLSv1;
#Disables all weak ciphers
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
server_name www.pingrglobe.com;
root /var/www/pingrglobe.com;
index index.html index.php;
location / {
try_files $uri $uri/ @extensionless-php;
add_header Access-Control-Allow-Origin *;
}
rewrite ^/blog/blogpost/(.+)$ /blog/blogpost?post=$1 last;
rewrite ^/viewticket/(.+)/(.*)$ /viewticket?tid=$1&$2 last;
rewrite ^/vemail/(.+)$ /vemail?eid=$1 last;
rewrite ^/serversettings/(.+)$ /serversettings?srvid=$1 last;
rewrite ^/notification/(.+)$ /notification?id=$1 last;
rewrite ^/viewreport/(.+)$ /viewreport?srvid=$1 last;
rewrite ^/removeserver/(.+)$ /removeserver?srvid=$1 last;
rewrite ^/staffviewticket/(.+)/(.*)$ /staffviewticket?tid=$1&$2 last;
rewrite ^/activate/(.*)/(.*)/(.*)$ /activate?user=$1&code=$2&email=$3 last;
rewrite ^/activate2/(.*)/(.*)/(.*)$ /activate2?user=$1&code=$2&email=$3 last;
rewrite ^/passwordtoken/(.+)/(.*)/(.*)$ /passwordtoken?user=$1&token=$2&email=$3 last;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location @extensionless-php {
rewrite ^(.*)$ $1.php last;
}
location ~ /\. {
deny all;
}
}
}
SSL doesn't work as you see here: https://www.pingrglobe.com
© Server Fault or respective owner
