radin/my-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3917e347192c3db9ee89493cdfec6e9fc9f3fb4
my-docs/Web-Servers/Nginx/07-SSL.md
RadinPirouz 1c472e4b94 nginx optimization doc
2025-09-28 16:38:51 +03:30

1.6 KiB
Raw Blame History

🔐 Nginx SSL Configuration Guide

📄 Example Server Block (HTTPS)

listen 443 ssl;
server_name example.com www.example.com;

# 🔒 SSL Certificate (Generated by Certbot)
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; 
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; 

# 📂 Website Root
root /var/www/example.com/html;
index index.html;

# 🚦 Request Handling
location / {
    try_files $uri $uri/ =404;
}

🗂️ What Each Part Does

Directive Meaning
listen 443 ssl; Listens on port 443 for secure HTTPS traffic.
server_name Specifies the domain(s) for this site.
ssl_certificate The full certificate chain file from Certbot.
ssl_certificate_key The private key file from Certbot.
root Directory containing your websites files.
index Default file served for a directory request.
try_files $uri $uri/ =404; Checks if a file/directory exists, else returns a 404.

⚠️ SSL Notes

  • Certbot certificates are stored here:

    /etc/letsencrypt/live/<your-domain>/

  • Certificates expire every 90 days — set up auto-renew:

    certbot renew --quiet

  • After renewal, always reload Nginx to apply changes:

    systemctl reload nginx
Reference in New Issue View Git Blame Copy Permalink