Reverse Proxy Configuration using NGINX

The nginx_install.sh installs NGINX and configured Reverse Proxy. For configuration of domain signed / public certificates, you need to copy the certificates in the host machine and configure their path in https.conf file. Following script demonstrates the procedure.


Update SSL certificates
# cd to nginx certificates directory
cd /etc/nginx/certificates/
# copy crt and key files in this directory
cp <certificate.crt> .
cp <certificate.key> .
# open https.cong file using any text editor
vim /etc/nginx/conf.d/https.conf
# add server fqdn in 2nd line of this file i.e.
# server_name chatsolution.expertflow.com; to server_name <fqdn>;
# change following properties on line number 15 & 16
# ssl_certificate           /etc/nginx/certificates/ef.crt; to ssl_certificate           /etc/nginx/certificates/<certificate.crt>;
# ssl_certificate_key       /etc/nginx/certificates/ef.key; to ssl_certificate_key       /etc/nginx/certificates/<certificate.key>;
# save https.conf file
# restart nginx service
systemctl restart nginx

If NGINX throws an error while restarting where SELinux is set to enforcing mode, run following commands in bash

SELinux Permission Denied Resolution
setenforce 0
systemctl restart nginx

For configuration of Chain Certificates, follow Digicert SSL Configuration Guide for NGINX, section How to Install and Configure your SSL Certificate. Verify your chain certificate bundle by any available tool e.g. KeyCDN.