Nginx Proxy SSL Verification

When using Nginx as reverse proxy, you may need to handle SSL verification request. Passing this request to backend server may not do any good as back end servers normally only handle application.

To hanlde SSL validation request, use following Nginx Configuration

Now restart Nginx

You can get SSL with following letsencrypt command

If you have a redirect to HTTPS in your nginx server block, use something like

See LetsEncrypt, Nginx

Verify SSL Key matches with Private Key

To verify if SSL key match with the private Key, run following commands and compare resulting hash, it should match if SSL and Keys are matching.

Verify Private Key

Verify SSL

Verify CSR

ssl

Amazon Linux Invalid command SSLEngine

On Amazon Linux, when restarting Apache server, i get error

This is because SSL module was not installed on the server. To fix, run

See ssl

Nginx Curl SSL error

After installing SSL on Nginx server, it worked on browser, but when i try access using curl command, i get error

This is fixed by adding ca-bundle to .crt file.

The cert file should be in following format

YOUR_DOMAIN.crt
YOUR_DOMAIN.ca-bundle

This can be done with

Now use YOUR_DOMAIN.ssl as your ssl certificate in nginx.

Letsencrypt

Install letsencrypt

OR

Install SSL certificate on Apache

On Nginx

This will stop web server. Generate SSL, then start web server.

Getting SSL with out web server

Domain should be pointed to the server IP and IP should be public to generate SSL. Run following command.

Auto Renew SSL Certificate

Set following cronjob to auto renew SSL

Add

List All SSL

Change Email Associated with account

Search for LetsEncrypt SSL status

https://crt.sh/

certbot certificates
Enable LetsEncrypt SSL in ISPConfig
Nginx Proxy SSL Verification