hchoroomi · February 14, 2012 08:30
diff --git a/gen_cert.rb b/gen_cert.rb
 # Pass in the name of the site you wich to create a cert for

 domain_name =  ARGV[0]

 if domain_name == nil
  puts "Y U No give me a domain name?"
 else
   system "openssl genrsa -out #{domain_name}.key 1024"
   system "openssl req -new -key #{domain_name}.key -out #{domain_name}.csr -subj '/C=US/ST=NJ/L=Monroe/O=MyCompany/OU=IT/CN=#{domain_name}'"
   system "cp #{domain_name}.key #{domain_name}.key.bak"
   system "openssl rsa -in #{domain_name}.key.bak -out #{domain_name}.key"
   system "openssl x509 -req -days 365 -in #{domain_name}.csr -signkey #{domain_name}.key -out #{domain_name}.crt"
 end
diff --git a/nginx.conf b/nginx.conf

 worker_processes  1;

 events {
    worker_connections  1024;
 }


 http {
    include       mime.types;
    default_type  application/octet-stream;


    sendfile        on;
    keepalive_timeout  65;

    server {
    	### server port and name ###
            listen          443 ssl;
            server_name     kickoff.dev;

    	### SSL log files ###
            access_log      logs/ssl-access.log;
            error_log       logs/ssl-error.log;

    	### SSL cert files ###
            ssl_certificate      ssl/kickoff.dev.crt;
            ssl_certificate_key  ssl/kickoff.dev.key;
    	### Add SSL specific settings here ###
            keepalive_timeout    60;

    	### We want full access to SSL via backend ###
         	location / {
    	        proxy_pass  http://kickoff.dev;
    		### force timeouts if one of backend is died ##
            	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

    		### Set headers ####
            	proxy_set_header Host $host;
            	proxy_set_header X-Real-IP $remote_addr;
    	        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    		### Most PHP, Python, Rails, Java App can use this header ###
            	proxy_set_header X-Forwarded-Proto https;

    		### By default we don't want to redirect it ####
    	        proxy_redirect     off;
            }
        } 
 }
	# Pass in the name of the site you wich to create a cert for

	domain_name = ARGV[0]

	if domain_name == nil
	puts "Y U No give me a domain name?"
	else
	system "openssl genrsa -out #{domain_name}.key 1024"
	system "openssl req -new -key #{domain_name}.key -out #{domain_name}.csr -subj '/C=US/ST=NJ/L=Monroe/O=MyCompany/OU=IT/CN=#{domain_name}'"
	system "cp #{domain_name}.key #{domain_name}.key.bak"
	system "openssl rsa -in #{domain_name}.key.bak -out #{domain_name}.key"
	system "openssl x509 -req -days 365 -in #{domain_name}.csr -signkey #{domain_name}.key -out #{domain_name}.crt"
	end

	worker_processes 1;

	events {
	worker_connections 1024;
	}


	http {
	include mime.types;
	default_type application/octet-stream;


	sendfile on;
	keepalive_timeout 65;

	server {
	### server port and name ###
	listen 443 ssl;
	server_name kickoff.dev;

	### SSL log files ###
	access_log logs/ssl-access.log;
	error_log logs/ssl-error.log;

	### SSL cert files ###
	ssl_certificate ssl/kickoff.dev.crt;
	ssl_certificate_key ssl/kickoff.dev.key;
	### Add SSL specific settings here ###
	keepalive_timeout 60;

	### We want full access to SSL via backend ###
	location / {
	proxy_pass http://kickoff.dev;
	### force timeouts if one of backend is died ##
	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

	### Set headers ####
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

	### Most PHP, Python, Rails, Java App can use this header ###
	proxy_set_header X-Forwarded-Proto https;

	### By default we don't want to redirect it ####
	proxy_redirect off;
	}
	}
	}