...
| Code Block |
|---|
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
ssl_certificate /etc/ssl/certs/mydomain.com.crt;
ssl_certificate_key /etc/ssl/private/mydomain.com.key;
# New root location
location / {
root /usr/share/nginx/html/;
# return 404;
}
# You may need this to prevent return 404 recursion.
location = /404.html {
internal;
}
} |
Once NGINX is running, you can test that your certificates are valid using curl :
| Code Block | ||
|---|---|---|
| ||
curl https://mydomain.com -vvvvv |
NOTE: You should not need to use --insecure , as your Root CA is trusted and your certificate is signed by the Root CA. If an error is thrown here then something is wrong.
The -vvvvv raises the verbosity level in the output of curl, and should show the certificate chain
Testing with NGINX
...
in Docker
To run an NGINX Docker container that mounts in your new root ca as well as the certs you've signed with it:
...