Created
August 25, 2014 20:18
-
-
Save MattSurabian/ad31dc741d190959cd49 to your computer and use it in GitHub Desktop.
Boiler plate NGINX SSL config for serving a locally running application. Replace everything surrounded with <>.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name <FQDN>; | |
| rewrite ^ https://$server_name$request_uri? permanent; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 443; | |
| ssl on; | |
| ssl_certificate <PATH_TO_CERT>; | |
| ssl_certificate_key <PATH_TO_KEY>; | |
| #enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be used. | |
| ssl_protocols SSLv3 TLSv1; | |
| #Disables all weak ciphers | |
| ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM; | |
| server_name <FQDN>; | |
| location / { | |
| proxy_pass http://localhost:<APP_PORT>; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment