[Windows] Using a self-signed certificate for HTTPS connection with Nginx
Masui Masanori
Posted on July 15, 2024
Intro
This time, I will create a self-signed public certificate to enable HTTPS connection with Nginx.
Creating a self-signed public certificate
Adding a custom domain
First, I add a custom domain into "C:\Windows\System32\drivers\etc\hosts" file.
hosts
...
127.0.0.1 goapp.sample.jp
Creating a self-signed public certificate and exporting it
I create a self-signed public certificate by PowerShell(open as administrator).
New-SelfSignedCertificate -DnsName goapp.sample.jp -Subject "CN=goapp.sample.jp" -CertStoreLocation "cert:\LocalMachine\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256
To export the certificate, I open "certlm.msc".
And I export it as "goappsample.pfx".
After exporting, I install it into "LocalMachine\Trusted Root Certification Authorities".
Creating pem and key files
To use the certificate from Nginx, I create a pem file and a key file from "goappsample.pfx" by OpenSSL.
This time, I use a OpenSSL Light released by "Shining Light Productions".
openssl pkcs12 -in goappsample.pfx -clcerts -nokeys -out goappsample.pem
openssl pkcs12 -in goappsample.pfx -nocerts -nodes -out goappsample.key
Then I add them into a conf file of Nginx.
webappsample.conf
server {
listen 443 ssl;
server_name goapp.sample.jp;
ssl_certificate C:/Users/example/Documents/goappsample.pem;
ssl_certificate_key C:/Users/example/Documents/goappsample.key;
location / {
root html;
index index.html index.htm;
}
location /webrtc {
proxy_pass http://localhost:8080;
}
}
Posted on July 15, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.
Related
November 29, 2024