AWS+Nginx+RailsのSSL化
ここの続きのテイ
自分用備忘録。
$cd ~
$git clone https://github.com/certbot/certbot
$cd certbot
$sudo -i
$sudo ./certbot-auto certonly --agree-tos --webroot -w /var/www/rails/*アプリ名*/public -d hhbox.net -m *メアド --debug
$/etc/nginx/nginx.conf
root /var/www/rails/*アプリ名*/public
$/etc/nginx/conf.d/*アプリ名*.conf
server {
listen 80;
server_name hhbox.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl on;
ssl_certificate /etc/letsencrypt/live/hhbox.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hhbox.net/privkey.pem;
location @app {
proxy_set_header X-Forwarded-Proto $scheme;
}
}
$config/environments/production.rb
config.force_ssl = true
$sudo -i
$/etc/init.d/nginx restart