Securing the Nginx web server using SSL
As you may also want to access the Banana Pi from the Internet, you should think about the security aspect. In the previous recipe, we browsed our web applications via the default HTTP protocol. HTTP is not encrypted and is therefore vulnerable to various attacks. In this recipe, we are going to create a so-called SSL certificate to enable the encrypted HTTPS (HTTP over SSL) protocol.
Getting ready
The following ingredients are required to enable HTTPS on our Nginx web server:
A running Banana Pi with a Debian-based Linux system
A configured network on the Banana Pi
A working Nginx web server as illustrated in the Setting up a web application recipe
How to do it…
We need to create an SSL certificate and add an HTTPS configuration to our Nginx web server.
Creating the certificate
We are going to create a self-signed certificate. In this recipe, we are using the hostname lemaker.
Open a shell.
Switch to
/etc/ssl.$ cd /etc/sslObtain a root shell:
$ sudo -sCreate...
