Hello, It’s takeken.
Finally, I try change http to https. I use Nginx and trouble a little, but I’m able to be completed! For nginx prepare a private key to Nginx Path.
How to create CSR
Let’s create a rand.dat
# /usr/bin/openssl md5 * > key/rand.dat
Using the rand.dat, and create a Private key.
In the case of Nginx, Key phrases don’t setup.
# /usr/bin/openssl genrsa -rand key/rand.dat -des3 2048 > key/serverkey.pem # cp key/serverkey.pem key/serverkey.pem.org # /usr/bin/openssl rsa -in key/serverkey.pem.org -out key/serverkey.pem
It’ll generate a CSR with Private key.
# /usr/bin/openssl req -new -key key/serverkey.pem -out csr/vincentina.pem
Well, Where do you try to SSL.
I apply for a rapid SSL from Sakura Internet because I’ve been using Sakura Cloud.
It’s during a discount campaign now. I thought that it was over, but It has still continued.
Sakura Internet campaign page
After a while, after end of application is received mail from Sakura Internet.
Let’s upload “FQDN/key”
You have done work of above and you wait a moment, so that it’s received a certificate. In the case of Nginx, Certificate and CA certificate a need to be in one.
-----BEGIN CERTIFICATE----- Certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- Intermediate Certificate -----END CERTIFICATE-----
And then, we must set up ssl.conf.
I was created by adding both reverse proxy and HHVM setting to SampleSSL.conf file.
It seems no problem.
It was a response speed of website I was worried, but it doesn’t feel to be slow.
It’s the finishing.
I was set the redirection in ssl.conf of Nginx , and write URL setting as https of WordPress.
Caution: You remember release 443 port iptables!!!
"nginx.conf" return 301 https://$host$request_uri; "iptables" -A INPUT -p tcp --dport 443 -j ACCEPT ACCEPT tcp -- anywhere anywhere tcp dpt:https
How was it?
Have a good day!
These are references.
- I completely forgot about to move a fail2ban…
- Oopsy 5th anniversary.
- Apparently there’s dependencies nginx