SSL 초간단 설정(Nginx, Apache)
1) Nginx
(1) HTTP(80) -> HTTPS(443) 리다이렉트 Redirect
server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 301 https://$host$request_uri; } |
(2) HTTPS 443 SSL 설정
server { listen 443 ssl default_server; listen [::]:443 ssl default_server; server_name _; ssl on; ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; client_max_body_size 10M; error_page 400 403 404 500 501 502 503 504 /tmpl/error.html; location = /tmpl/error.html { root /opt/error; internal; } location / { proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Connection ""; } location ~ ^/static/ { root /opt/static; } } upstream backend { server 127.0.0.1:8000; keepalive 1024; } |
2) Apache 설정
(1) HTTP(80) -> HTTPS(443) 리다이렉트 Redirect
<VirtualHost *:80> ServerName example.com <Location /> Redirect permanent / https://example.com/ </Location> </VirtualHost> |
(2) HTTPS 443 SSL 설정
LoadModule ssl_module modules/mod_ssl.so Listen 443 NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot /var/www/html ErrorLog logs/error_log ServerName https://www.example.com SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl/cert.pem SSLCertificateKeyFile /etc/httpd/conf/ssl/key.pem ErrorDocument 500 /common/error.php ErrorDocument 404 /common/error.php ErrorDocument 403 /common/error.php </VirtualHost> |
