Cara Install HTTPS di localhost Nginx

Sebelumnya saya sudah menulis tentang Cara Install HTTPS di localhost dengan menggunakan Apache web server. Karena banyak permintaan versi Nginx maka saya buatkan lagi tutorial tersendiri. Yang berbeda hanyalah install Nginx dan konfigurasi untuk SSL.

-Install HTTPS di localhost (Nginx) Linux-

Tutorial ini menggunakan:

· OS Linux Ubuntu 16.04 64-bit · brew · mkcert · Nginx · Mozilla Firefox

-Install brew-

mkcert diinstall via brew package manager. Install brew terlebih dahulu, baca tutorial *Cara Install brew di Linux*.

-Install mkcert-

Install paket dependensi.

[INPUT]

1 $ sudo apt-get install libnss3-tools

Install mkcert via brew.

[INPUT]

1 $ brew install mkcert

Hasilnya

[INPUT]

1 2 3 4 5 Updating Homebrew… ==> Downloading https://linuxbrew.bintray.com/bottles/mkcert-1.2.0.x86_64_linux.bottle.tar.gz ######################################################################## 100.0% ==> Pouring mkcert-1.2.0.x86_64_linux.bottle.tar.gz /home/linuxbrew/.linuxbrew/Cellar/mkcert/1.2.0: 6 files, 4.3MB

Install Certificate Authority (CA).

[INPUT]

1 $ mkcert -install

Hasilnya

[INPUT]

1 2 3 4 5 Created a new local CA at “/home/musa/.local/share/mkcert” [sudo] password for musa: The local CA is now installed in the system trust store! The local CA is now installed in the Firefox and/or Chrome/Chromium trust store (requires browser restart)! The local CA is now installed in Java’s trust store!

Selanjutnya membuat certificate untuk localhost

[INPUT]

1 $ mkcert localhost

Hasilnya

[INPUT]

1 2 3 4 5 6 Using the local CA at “/home/musa/.local/share/mkcert”   Created a new certificate valid for the following names – “localhost”   The certificate is at “./localhost.pem” and the key at “./localhost-key.pem”

Terdapat dua file yang dihasilkan, certificate localhost.pem dan key localhost-key.pem. Semuanya berada di folder tempat menjalankan perintah.

-Konfigurasi Nginx untuk HTTPS-

Install Nginx

[INPUT]

1 $ sudo apt-get install nginx

Memindahkan certificate dan key.

[INPUT]

1 2 $ sudo mv localhost.pem /etc/ssl/certs $ sudo mv localhost-key.pem /etc/ssl/private

Konfigurasi server block localhost untuk port 443 (HTTPS).

[INPUT]

1 $ sudo nano /etc/nginx/sites-available/default

Cari opsi certificate dan ubah seperti di bawah ini

[INPUT]

1 2 3 4 5 6 # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; ssl_certificate /etc/ssl/certs/localhost.pem; ssl_certificate_key /etc/ssl/private/localhost-key.pem;

Start Nginx

[INPUT]

1 2 $ sudo systemctl start nginx $ sudo systemctl status nginx

-Pengujian-

Akses https://localhost di browser, hasilnya seperti gambar di bawah ini.

Mozilla Firefox – https localhost Nginx

-HTTPS untuk Custom Server Block-

Membuat certificate untuk virtualhost musaamin.oksip.

[INPUT]

1 $ mkcert musaamin.oksip

Hasilnya

[INPUT]

1 2 3 4 5 6 Using the local CA at “/home/musa/.local/share/mkcert”   Created a new certificate valid for the following names – “musaamin.oksip”   The certificate is at “./musaamin.oksip.pem” and the key at “./musaamin.oksip-key.pem”

Memindahkan certificate.

[INPUT]

1 2 $ sudo mv musaamin.oksip.pem /etc/ssl/certs $ sudo mv musaamin.oksip-key.pem /etc/ssl/private

Membuat folder untuk virtualhost musaamin.oksip.

[INPUT]

1 $ sudo mkdir /var/www/html/musaamin.oksip

Buat file index.html.

[INPUT]

1 $ sudo nano /var/www/html/musaamin.oksip/index.html

Isinya

[INPUT]

1 musaamin.oksip

Membuat konfigurasi server block di Nginx.

[INPUT]

1 $ sudo nano /etc/nginx/sites-available/musaamin.oksip.conf

Isinya

[INPUT]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 server {     listen 80;     server_name musaamin.oksip www.musaamin.oksip;       root /var/www/html/musaamin.oksip;     index index.html index.htm;       location / {             try_files $uri $uri/ =404;     }               listen 443 ssl;     ssl_certificate /etc/ssl/certs/musaamin.oksip.pem;     ssl_certificate_key /etc/ssl/private/musaamin.oksip-key.pem       if ($scheme != “https”) {         return 301 https://$host$request_uri;     }       access_log /var/log/nginx/musaamin.oksip.access.log;     error_log /var/log/nginx/musaamin.oksip.error.log; }

Mengaktifkan server block musaamin.oksip.

[INPUT]

1 2 3 $ sudo ln -s /etc/nginx/sites-available/musaamin.oksip.conf /etc/nginx/sites-enabled/ $ sudo systemctl restart $ sudo systemctl status

Memasukkan host musaamin.oksip ke dalam konfigurasi hosts.

[INPUT]

1 $ sudo nano /etc/hosts

Tambahkan

[INPUT]

1 127.0.0.1 musaamin.oksip

Pengujian, akses http://musaamin.oksip, harus redirect ke https://musaamin.oksip sesuai dengan konfigurasi pada server block Nginx.

Mozilla Firefox – https musaamin.oksip Nginx

Selamat mencoba 🙂

Leave a Reply

Your email address will not be published.