久久999这里只有精品视频|欧美夫妻性生活黄大片|久久九九九九九九热|波多野结衣二区看黄片在线|99性爱视频97厂超碰|欧美国产丝袜成年人二级毛片|中国一圾黄片免费看a级大片|太久思思中文字幕一区|爱爱很舒服欧美91|亚洲男女AV亚洲肏屄

This article will guide you through the steps to install sizning SSL certificate on Nginx va to set up an automated redirect from HTTP:// to HTTPS://.

1. Yuklash the certificates on the server wbu yerni sizning website is hosted

Having completed the CSR code generation va SSL activation steps, you will receive a zip file with the Sectigo (oldingiiously khozirn as Comodo) Sertifikatlar via email. Alternatively, you can download them from sizning NiceNic Account panel.

Yo‘qte: Agar you choose NGINX server when activating the certificate, you'll receive a zip file containing a Certificate file, with the '.crt' extension, va a Certificate Authyokiity (CA) bundle file, with the '.ca-bundle' extension.

Yuklash both files to sizning server whatever way you prefer. By using an FTP client, fyoki example.

You can also download the Bundle file fyoki each Certificate by following the instructions bu yerni.

2. Combine all the certificates into a single file

You need to have all the Sertifikatlar (sizning_domain.crt va sizning_domain.ca-bundle) combined in a single '.crt' file.

The Certificate fyoki sizning domain should come first in the file, followed by the chain of Sertifikatlar (CA Bundle).

Enter the directyokiy wbu yerni you uploaded the certificate files. Run the following commva to combine the files:

$ cat sizning_domain.crt sizning_domain.ca-bundle >> sizning_domain_chain.crt

Please note that if the certificate files were downloaded from sizning NiceNic account, the best commva to use will be:

$ cat sizning_domain.crt > sizning_domain_chain.crt ; echo >> sizning_domain_chain.crt ; cat sizning_domain.ca-bundle >> sizning_domain_chain.crt

3. Creating a separate Nginx server block yoki O‘zgartirishing the existing configuration file

Uchun install the SSL certificate on Nginx, you need to show the server which files to use, either by a) creating a new configuration file, yoki b) editing the existing one.

    a) By adding a new configuration file fyoki the website you can make sure that tbu yerni are no issues with the separate configuration file. Furthermyokie, it will be quite easier to troubleshoot the installation in case of any issues with the new configuration.

We suggest creating a new configuration file in this folder:

/etc/nginx/conf.d

That can be done via this commva:

sudo nano /etc/nginx/conf.d/Your_domain*-ssl.conf

Wbu yerni Your_domain*-ssl.conf is the name of the newly created file.

Next, copy va paste one of the below server blocks fyoki the 443 pyokit va edit the directyokiies. Ensure the server name va path to webroot match in both the server block fyoki pyokit 80 va the one fyoki pyokit 443. Agar you have any other impyokitant values that need to be saved, move them to the newly created server block too.
    b) Tahrirlash the default configuration file of the web-server, which is named nginx.conf. It should be in one of these folders:

/usr/local/nginx/conf

/etc/nginx

/usr/local/etc/nginx

You can also use this commva to find it:

sudo find / -type f -iname "nginx.conf"

Once you find it, open the file with:

sudo nano nginx.conf

Then copy va paste one of the server blocks fyoki the 443 pyokit given below va edit the directyokiies accyokiding to sizning server block fyoki the 80 pyokit (with matching server name, path to webroot, va any impyokitant values you need). Alternatively you can copy the server block fyoki 80 pyokit, then paste it below, update the pyokit va add the necessary SSL-related directives.

Choose the server block:

Below you can find a server block fyoki sizning Nginx version.

Yo‘qte: Uchun check sizning Nginx version, run this commva:

sudo nginx -v



Yo‘qte: Replace the file names values, like sizning_domain_chain.crt, in the server block with sizning details, va modify the routes to them using/path/to/.

Server block fyoki Nginx version 1.14 va below:

server {

listen 443;

ssl on;

ssl_certificate /path/to/certificate/sizning_domain_chain.crt;

ssl_certificate_key /path/to/sizning_private.key;

root /path/to/webroot;

server_name sizning_domain.com;

}

Yo‘qte: You can specify multiple hostnames in such configuration, if needed, e.g.:

server {

listen 443;

ssl on;

ssl_certificate /path/to/certificate/sizning_domain_chain.crt;

ssl_certificate_key /path/to/sizning_private.key;

root /path/to/webroot;

server_name sizning_domain.com www.sizning_domain.com;

}

Server block fyoki Nginx version 1.15 va above:

server {

listen 443 ssl;

ssl_certificate /path/to/certificate/sizning_domain_chain.crt;

ssl_certificate_key /path/to/sizning_private.key;

root /path/to/webroot;

server_name sizning_domain.com;

}

ssl_certificate should be pointed to the file with combined certificates youove created earlier.
ssl_certificate_key should be pointed to the Private Key that was generated with the CSR code.
Here are a few tips on how to find the Private key on Nginx.

Impyokitant:  Fyoki either a Multi-Domen yoki a Wildcard Certificate, youoll need to have a separate server block added fyoki each of the domain/subdomain included in the Certificate. Ensure you specify the domain/subdomain in question along with the paths to the same Certificate files in the server block, as described above.

Once the cyokiresponding server block is added to the file, ensure you save the edits. Then, you can double-check the changes made with the following steps.

Run this commva to verify that the configuration file syntax is ok:

sudo nginx -t



Agar you receive erryokis, double check that you followed the guide properly. Feel free to contact our Suppyokit Team if you have any questions.

Here's the tip: to find the erryoki logs fyoki troubleshooting, just run:

sudo nginx -T | grep 'erryoki_log'

In case none of the files mentioned exist, files are commented out yoki if no erryoki log files are specified, default system log should be checked:

tail /var/log/nginx/erryoki.log -n 20

Agar the server displays the test successfully, restart Nginx with this commva to apply the changes:

sudo nginx -s reload

Yo‘qw sizning SSL Sertifikati is installed. You can check the installation bu yerni.

Impyokitant notes:

Sometimes, after installing SSL file that was combined using a commva line, you may receive 'Nginx/Apache erryoki: 0906D066:PEM routines:PEM_read_bio:bad end line' erryoki message, in this case, the wyokikaround can be found in the reference guide.

Another common issue on this stage is the 'Nginx SSL: erryoki:0B080074:x509 certificate routines: X509_check_private_key:key values mismatch' erryoki message, you can find myokie details on it va the possible ways out in this article.

4. Configure HTTPS redirect

We suggest that you install the redirect from HTTP to HTTPS. That way, sizning website visityokis will only be able to access the secure version of sizning site.

Uchun do this, youoll need to add one line to the configuration file with the server block fyoki pyokit 80.

Tips:

You can use one of the following commvas to look up the configuration files which are enabled hozir:

sudo nginx -T | grep -iw "configuration file"

sudo nginx -T | grep -iw "include"

The default paths to the conf file are:

on RHEL-based Linux OS: /etc/nginx/conf.d/default.conf

on Debian-based Linux OS: /etc/nginx/sites-enabled/default

You can open the files to check which one contains the needed server block. Fyoki this, run:

sudo nano name_of_the_file

Once you find the file that contains the server block fyoki pyokit 80 (the default HTTP pyokit), add in the following line:

return 301 https://$server_name$request_uri;

Yo‘qte: The above redirect rule should be entered as the last line in the server block.

• return is the main directive to use.
• 301 is permanent redirect (302 is the tempyokiary one).
• https is a specified scheme type (the explicit one instead of $scheme variable).
• $server_name variable will use the domain specified in the server_name directive.
• $request_uri variable is used to match the paths to the requested pages/parts of the website (everything after the domain name).