티스토리 뷰

SSL 초간단 설정(Nginx, Apache)


1) Nginx


(1) HTTP(80) -> HTTPS(443) 리다이렉트 Redirect

 server {

    listen 80 default_server;

    listen [::]:80 default_server;


    server_name _;


    return 301 https://$host$request_uri;

}


(2) HTTPS 443 SSL 설정

server {

    listen 443 ssl default_server;

    listen [::]:443 ssl default_server;

    server_name _;


    ssl on;

    ssl_certificate /etc/nginx/ssl/cert.pem;

    ssl_certificate_key /etc/nginx/ssl/key.pem;


    client_max_body_size 10M;


    error_page 400 403 404 500 501 502 503 504 /tmpl/error.html;


    location = /tmpl/error.html {

        root /opt/error;

        internal;

    }


    location / {

        proxy_pass  http://backend;

        proxy_http_version 1.1;

        proxy_set_header Connection "";

    }


    location ~ ^/static/ {

        root /opt/static;

    }

}


upstream backend {

    server 127.0.0.1:8000;

    keepalive 1024;

}




2) Apache 설정


(1) HTTP(80) -> HTTPS(443) 리다이렉트 Redirect

 <VirtualHost *:80>

  ServerName example.com

  <Location />

    Redirect permanent / https://example.com/

  </Location>

</VirtualHost>


(2) HTTPS 443 SSL 설정

 LoadModule ssl_module modules/mod_ssl.so



Listen 443

NameVirtualHost *:443


<VirtualHost *:443>

     DocumentRoot /var/www/html

     ErrorLog logs/error_log

     ServerName https://www.example.com

     SSLEngine on

     SSLCertificateFile /etc/httpd/conf/ssl/cert.pem

     SSLCertificateKeyFile /etc/httpd/conf/ssl/key.pem

     ErrorDocument 500 /common/error.php

     ErrorDocument 404 /common/error.php

     ErrorDocument 403 /common/error.php

</VirtualHost>