How To Create a Self-Signed SSL Certificate for Nginx in Ubuntu 22.04 LTS

This step-by-step tutorial creates a self-signed SSL certificate for Nginx on Ubuntu 22.04.3 LTS and configures Nginx to allow only HTTPS traffic, redirecting HTTP to HTTPS. In this example, we’ll use an IP address for demonstration purposes:

1. Log in to your Ubuntu Server:

Use SSH to connect to your server. Replace <your_username> and <server_ip> with your actual username and server IP address.

ssh <your_username>@<server_ip>


2. Update System Packages:

It’s a good practice to ensure that your server is up to date before proceeding.


sudo apt update
sudo apt upgrade


3. Install Nginx:

If Nginx is not already installed, you can install it using the following command:

sudo apt install nginx


4. Generate a Self-Signed SSL Certificate:

Use the openssl command to create a self-signed SSL certificate and key:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/selfsigned.key -out /etc/nginx/selfsigned.crt


Follow the prompts to provide information such as the country, state, locality, organization, and common name. For an IP address, you can leave the “Common Name” field empty or use the IP address itself.

5. Create an Nginx Server Block Configuration:

Create a new Nginx server block configuration file for your IP address. Replace <your_ip> with your server’s IP address:

sudo nano /etc/nginx/sites-available/<your_ip>



Add the following configuration to the file:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    server_name <your_ip>;

    ssl_certificate /etc/nginx/selfsigned.crt;
    ssl_certificate_key /etc/nginx/selfsigned.key;

    location / {
        # Your web application configuration here
        # For example, proxy_pass http://localhost:8080;
    }
}


Save and exit the text editor.

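6. Enable the Nginx Configuration:

The stock default site that Ubuntu links in sites-enabled also declares default_server on port 80, and Nginx refuses to load two default servers for the same address and port, so remove that site’s link if it is still present. Then create a symbolic link from the configuration file in sites-available to the sites-enabled directory: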

sudo ln -s /etc/nginx/sites-available/<your_ip> /etc/nginx/sites-enabled/



7. Test Nginx Configuration:

Ensure that your Nginx configuration is valid:

sudo nginx -t



If it returns “syntax is okay” and “test is successful,” proceed to the next step.

8. Restart Nginx:

Restart Nginx to apply the new configuration:

sudo systemctl restart nginx



9. Configure Firewall Rules (if applicable):

If you have a firewall, make sure to allow incoming traffic on ports 80 (HTTP) and 443 (HTTPS). You can use ufw if it’s installed:

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp



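Don’t forget to enable ufw if it’s not already enabled. If you are connected over SSH, confirm that a rule allowing SSH exists first, because enabling ufw without one can cut off your session: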

sudo ufw enable
 



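10. Access Your Server:

Open a web browser and enter your server’s IP address (e.g., https://<your_ip>) to access your website via HTTPS. Ensure that you replace <your_ip> with your server’s actual IP address. Because the certificate is self-signed, the browser will show a certificate warning before it loads the page.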

That’s it! You’ve created a self-signed SSL certificate for Nginx on Ubuntu 22.04.3 LTS, configured it to allow only HTTPS traffic, and set up a redirect from HTTP to HTTPS. Your website should now be accessible securely via HTTPS.
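
Step 4 lets you put the IP address in the Common Name, but OpenSSL's IP match only consults subjectAltName entries. The following added example (not part of the original tutorial) generates both variants non-interactively and checks each one; the temp directory, the address 203.0.113.10 and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Files are written to a temp
# directory instead of /etc/nginx, so no sudo is needed.
# 203.0.113.10 is a constructed documentation address standing in for <your_ip>.

# make_selfsigned IP PREFIX MODE -> writes PREFIX.key and PREFIX.crt
#   cn-only: step 4's command with the IP given as Common Name
#   san:     the same command plus a subjectAltName IP entry (-addext)
make_selfsigned() {
    ip=$1; prefix=$2; mode=$3
    set -- -x509 -nodes -days 365 -newkey rsa:2048 \
        -keyout "$prefix.key" -out "$prefix.crt" -subj "/CN=$ip"
    if [ "$mode" = san ]; then
        set -- "$@" -addext "subjectAltName = IP:$ip"
    fi
    openssl req "$@" 2>/dev/null
}

# Succeeds only if OpenSSL's IP match accepts the certificate for this address.
cert_covers_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" | grep -q 'does match'
}

# Succeeds only if the private key belongs to the certificate; Nginx refuses
# to start on a mismatched pair.
key_matches_cert() {
    [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

demo_dir=$(mktemp -d)
demo_ip=203.0.113.10
for m in cn-only san; do
    make_selfsigned "$demo_ip" "$demo_dir/$m" "$m"
    if cert_covers_ip "$demo_dir/$m.crt" "$demo_ip"; then
        echo "$m: certificate matches IP $demo_ip"
    else
        echo "$m: certificate does NOT match IP $demo_ip"
    fi
    key_matches_cert "$demo_dir/$m.key" "$demo_dir/$m.crt" && echo "$m: key matches certificate"
done
rm -rf "$demo_dir"
```

For the real certificate, keep the /etc/nginx paths from step 4 and add the same -addext option with your server's IP address.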
