たれみみマンデー

AWS+Nginx+RailsのSSL化

qiita.com

ここの続きのテイ

自分用備忘録。

 

$cd ~

$git clone https://github.com/certbot/certbot

$cd certbot

 

$sudo -i

 

$sudo ./certbot-auto certonly --agree-tos --webroot -w /var/www/rails/*アプリ名*/public -d hhbox.net -m *メアド --debug

 

$/etc/nginx/nginx.conf

root /var/www/rails/*アプリ名*/public

 

$/etc/nginx/conf.d/*アプリ名*.conf

server { 

  listen 80;

  server_name hhbox.net;

  return 301 https://$host$request_uri;

}

server {

  listen 443 ssl;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

  ssl on;

  ssl_certificate      /etc/letsencrypt/live/hhbox.net/fullchain.pem;

  ssl_certificate_key  /etc/letsencrypt/live/hhbox.net/privkey.pem;

  location @app {

    proxy_set_header X-Forwarded-Proto $scheme;

  }

}

 

$config/environments/production.rb

config.force_ssl = true  

 

$sudo -i

$/etc/init.d/nginx restart