radin/my-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fa6bb1557d972bcb00ae2e54367c62d524b50e15
my-docs/Web-Servers/Nginx/07-SSL.md
RadinPirouz 1c472e4b94 nginx optimization doc
2025-09-28 16:38:51 +03:30

57 lines
1.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 🔐 Nginx SSL Configuration Guide
## 📄 Example Server Block (HTTPS)
```nginx
listen 443 ssl;
server_name example.com www.example.com;
# 🔒 SSL Certificate (Generated by Certbot)
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
# 📂 Website Root
root /var/www/example.com/html;
index index.html;
# 🚦 Request Handling
location / {
try_files $uri $uri/ =404;
}
```
---
## 🗂️ What Each Part Does
| Directive | Meaning |
| ---------------------------- | ------------------------------------------------------ |
| `listen 443 ssl;` | Listens on port **443** for secure HTTPS traffic. |
| `server_name` | Specifies the domain(s) for this site. |
| `ssl_certificate` | The **full certificate chain** file from Certbot. |
| `ssl_certificate_key` | The **private key** file from Certbot. |
| `root` | Directory containing your websites files. |
| `index` | Default file served for a directory request. |
| `try_files $uri $uri/ =404;` | Checks if a file/directory exists, else returns a 404. |
---
## ⚠️ SSL Notes
* Certbot certificates are stored here:
```
/etc/letsencrypt/live/<your-domain>/
```
* Certificates **expire every 90 days** — set up auto-renew:
```bash
certbot renew --quiet
```
* After renewal, always reload Nginx to apply changes:
```bash
systemctl reload nginx
```
Reference in New Issue View Git Blame Copy Permalink