ssl


Create self-signed SSL certificate for Nginx

First of all create the server key: openssl genrsa -des3 -out self-signed.key 2048 Enter a password twice and note it! Create the CSR (when requested, enter the password that you used above): openssl req -new -key self-signed.key -out self-signed.csr Answer the questions and put your domain name that you want to use the certificate for […]


Verify SSL certificate using OpenSSL

Use this command to verify the SSL certificate for the domain www.example.net: openssl s_client -showcerts -connect www.example.net:443 If you want to give the folder which contains the CA certificates (on Debian /etc/ssl/certs): openssl s_client -connect www.example.net:443 -showcerts -CApath /etc/ssl/certs If the certificate is correctly installed the result should contain at the end: Verify return code: […]


Redirecting to https using .htaccess

Based on HTTPS variable: RewriteCond %{HTTPS} !=on RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] Redirect everything that's not being served on port 443 to https: RewriteCond %{SERVER_PORT} !^443$ RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] Redirect everything served on port 80 to https: RewriteCond %{SERVER_PORT} ^80$ RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]