|
1 2 3 4 5 6 7 8 9 10 11 |
tar -xf dpkg_1.17.6.tar.xz cd dpkg-1.17.6 # Ubuntu # sudo apt-get install libncurses5-dev libncursesw5-dev sudo yum install ncurses-devel ncurses ./configure make cd utils make cc start-stop-daemon.c -o start-stop-daemon sudo cp start-stop-daemon /usr/local/bin |
Done!
Before we can sign up for a certificate we have to generate a RSA private key
|
1 |
openssl genrsa -des3 -out example.com_secure.key 2048 |
You will be prompted to provide a passphrase(required). The key file is secured with this passphrase but we will eventually remove this protection.
Then, we will use this private key to generate a certificate signing request which is then submitted to the CA.
|
1 |
openssl req -new -key example.com_secure.key -out example.com.csr |
Before we start configuring HTTPS Server we have to make sure to remove the passphrase from our RSA key. Otherwise you have to provide the password every time server started.
|
1 |
openssl rsa -in example.com_secure.key -out example.com_secure.key |
The unencrypted private key should only be readable by the owner of the Nginx or Apache master process. Most of the time this is the root user:
|
1 2 |
chmod 400 example.com_secure.key sudo chown root:root example.com_secure.key |
|
1 |
openssl x509 -req -days 365 -in example.com_secure.csr -signkey example.com_secure.key -out example.com_secure.crt |
|
1 2 3 4 5 6 7 8 9 10 11 |
server { listen 443; server_name example.com; root /var/www/example.com ssl on; ssl_certificate /path/example.com_secure.crt; ssl_certificate_key /path/example.com_secure.key; } |
|
1 2 3 4 5 6 7 |
<VirtualHost *:443> DocumentRoot /var/www/example.com SSLEngine on SSLCertificateFile /path/example.com_secure.crt SSLCertificateKeyFile /path/example.com_secure.key SSLCertificateChainFile /path/example.com_secure.crt </VirtualHost> |
Install Apache2 + FastCGI + PHP-FPM
/etc/apache2/sites-availabe/test.server.com.conf:
|
1 2 3 4 5 6 7 |
<VirtualHost 127.0.0.1:8080> ServerName test.server.com ServerAdmin webmaster@server.com DocumentRoot /var/www/test.server.com ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> |
/etc/apache2/ports.conf:
|
1 |
Listen 127.0.0.1:8080 |
sudo apt-get install nginx
/etc/nginx/sites-available/test:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
server { listen 80; root /var/www/test.server.com; index index.html index.php index.htm; server_name test.server.com; location / { # Custom 404 page # try_files $uri $uri/ /not_found_error.html; } location ~ \.php$ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.0.0.1:8080; } location ~ /\.ht { deny all; } } |
sudo ln -s /etc/nginx/sites-available/test /etc/nginx/sites-enabled/test
sudo rm /etc/nginx/sites-enabled/default
sudo service nginx restart
sudo service apache2 restart
sudo service php5-fpm restart
“Ask yourself what you want for yourself and your life in the next year. What is it that you want to offer the world? Who do you want to be, what do you want more of in your life? And then ask: How might I get there?”
Psychologist Kelly McGonigal explains how to make resolutions that lead to real change:
