How to enable SSL secure communications for the Nagwin web server ?
Nagwin's Nginx web server has a built-in support for SSL communications. Assuming that you have required certificate files located at the etc/nginx/ssl directory, you may follow steps below to enable secure communications:
- Start a text editor capable of editing a text file with Unix line endings (Wordpad or Notepad++ for example)
- Edit file <Nagwin installation directory>\etc\nginx\nginx.conf:
.....
server {
listen 80;
server_name your.server.name;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl on;
ssl_certificate /etc/nginx/ssl/your.server.name.crt;
ssl_certificate_key /etc/nginx/ssl/your.server.name.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name your.server.name;
.....
- Setup above will automatically redirect http requests to https, making your server communicate securely all the time. NB! SSLv3 are excluded from the supported list of protocols (ssl_protocols directive) to avoid Poodle security vulnerabilitiy.
- Restart Nagwin_Nginx service
Useful links: