Tag Archives: nginx

Amazon Load Balancer setting SSL with Certificate Chain

First of all, let’s assume you have the following files with you:

  • yourdomain.key Your domain’s private Key
  • yourdomain.crt Your domain’s public Key
  • sf_bundle.crt The Certificate Chain

Step 1 – Preparing the files

Create a PEM-encoded version of your private key

1
openssl rsa -in yourdomain.key -outform PEM -out yourdomain.pem

Step 2 – Setting the certificate on Amazon

On your Amazon account go to Load Balancers > Your Load Balencer > Listeners

Load Balencer Protocol: HTTPS
Load Balencer Port: 443
Instance Protocol: HTTP
Instance Port: 80
Cipher: ELBSample-OpenSSLDefaultCipherPolicy
Certificate Name: Yourdomain.com
Private Key: <past yourdomain.pem file here>
Public Key Certificate: <past yourdomain.crt file here>
Certificate Chain: <past sf_bundle.crt file here>

Note: This means every request to the Load Balancer will be made on HTTPS. The traffic from the Load Balancer to the destiny instance will be regular HTTP. This way you don’t have to setup any certificate on your instance’s Apache/Nginx web server.

Step 3 – Test

If everything went as expected you should be able to open https://yourdomain.com.

Now, use a SSL check tool to see if everything is OK: http://www.sslshopper.com/ssl-checker.html#hostname=https://yourdomain.com

You should see something like this:

2833574

 

nginx serve subdirectory as domain root

Say you have the following file structure:

1
2
3
4
5
site.com/
  main_site/
  site_a/
  site_b/
  site_c/

If you want:

  • http://site.com to show /main_site/’s files
  • all remaining sites to be served as usual (example: http://site.com/site_b/)

All you have to do is to edit site.com.conf’s file as follows:

1
2
3
4
5
6
7
8
9
10
11
  location / {
    try_files $uri $uri/ @missing; # try to get site.com/requested_file, if does not exist jump to @missing
  }

  location /main_site {
    # do nothing
  }

  location @missing { # if file is not present on the root, serve the /main_site
    rewrite ^ /main_site$request_uri?;
  }

Source

Nginx Symfony 1.4 Configuration

We’ve been trying out nginx server for symfony 1.4 applications, the configuration can be a little bit tricky though… Here’s a working example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
server {
  listen 80;
 
  server_name yourdomain.com www.yourdomain.com;

  root /var/www/yourdomain.com/httpdocs/web;

  access_log /var/www/yourdomain.com/logs/access_log main;
  error_log /var/www/yourdomain.com/logs/error_log;

  index index.php;

  location / {
    try_files $uri $uri/ /index.php$uri?$args;
  }
 
  location ~ "^(.+\.php)($|/)" {
        fastcgi_split_path_info ^(.+\.php)(.*)$;
 
        fastcgi_param PHP_VALUE "error_log=/var/www/yourdomain.com/logs/error_log";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass   127.0.0.1:9000;
        include        fastcgi_params;
    }

}