You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm learning how to enable TLS/SSL on a home server. This is my first try before buying a domain name and certifying it with Let's Encrypt.
The following /etc/nginx/sites-available/default doesn't seem to work.
Or does it work but it's just that Chrome doesn't accept self-signed certificates?
Thank you.
~# cat /etc/nginx/sites-available/default
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name 192.168.0.24;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
# Don't use them in a production server!
include snippets/snakeoil.conf;
#ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
#ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
location / {
root /var/www/html;
index index.html index.htm;
}
}
server {
listen 80;
server_name 192.168.0.24;
return 301 https://$host$request_uri;
}
~# nginx -t
~# systemctl reload nginx
~# openssl s_client -connect 192.168.0.24:443
Connecting to 192.168.0.24
CONNECTED(00000003)
Can't use SSL_get_servername
...
No client certificate CA names sent
Browser:
https://192.168.0.24/
Your connection is not private
Attackers might be trying to steal your information from 192.168.0.24 (for example, passwords, messages, or credit cards). Learn more about this warning
net::ERR_CERT_AUTHORITY_INVALID
This server could not prove that it is 192.168.0.24; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
--
Edit: It's apparently to be expected when using a self-signed certificate, which browsers don't accept without a warning.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
What question do you have?
Hello,
I'm learning how to enable TLS/SSL on a home server. This is my first try before buying a domain name and certifying it with Let's Encrypt.
The following /etc/nginx/sites-available/default doesn't seem to work.
Or does it work but it's just that Chrome doesn't accept self-signed certificates?
Thank you.
--
Edit: It's apparently to be expected when using a self-signed certificate, which browsers don't accept without a warning.
Beta Was this translation helpful? Give feedback.
All reactions