Wednesday, October 08, 2014

https build with nginx + startssl

startssl provide free ssl certification. I have updated my website with https connection.

first step is to apply a ssl certifciation on startsll. Please notice there is no username/passwd to login startsll website instead of certification on your browser which is installed by startssl. second is to follow website to fill personal information, validation your email and produce private key. private key (ssl.key) is not stored in startsll server, but it will download to your computer. Then you need to wait for sometimes to fetch public key (ssl.crt) and retrieve it from "Retrieve Certificate" in Toolbox.

second step is to configure nginx to use ssl.key and ssl.crt, see this link for detail. You also could use this website to check if any problem

Last thing needs to notice is firewall configuration on your server. Please open 443 port and remove other un-necessory configuration rule for 443. Previously I forwarded 443 to 8080 for shadowsocks and it toke me long time to find that is root caused for my https connection failure

Post a Comment