Adding SSL to the VM

How to Add SSL to your EmcienScan VM

 

What You’ll Need Before You Start:

  • PEM Key for the domain you want to use with SSL

  • Certificate Key for the domain you want to use with SSL

 
  1. Enter the system console for your VM by entering system as the username and the password provided to you for the VM.

 
  1. Execute sudo vim /etc/nginx/sites-enabled/default. If not familiar with VIM, you can use an alternative text editor, such as nano.

 
  1. You will see a block of text in the middle of the document resembling the following:

 

## If you plan on using a SSL certificates on this server,

## uncomment the following line. You will also have to

## configure SSL at the bottom of this configuration.

#listen 443 ssl;

root {{{public_path}}};

 

  1. Remove the bolded # symbol in front of the listen 443 ssl; line, so that the block looks like:

 

## If you plan on using a SSL certificates on this server,

## uncomment the following line. You will also have to

## configure SSL at the bottom of this configuration.

listen 443 ssl;

root {{{public_path}}};

 
  1. Near the end of the document, you will see a block of text resembling the following:

 

    ## Uncomment and adjust the following paths and configuration as

## necessary to allow HTTPS on this server via SSL certificate.

## More information can be found here:

#http://nginx.org/en/docs/http/configuring_https_servers.html

#ssl_certificate     /etc/nginx/wildcard_cert.pem;

#ssl_certificate_key /etc/nginx/wildcard_cert.key;

#ssl_session_timeout 5m;

#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_prefer_server_ciphers on;

#ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !kECDH !DSS !MD5 !EXP !PSK !SRP !CAMELLIA !SEED';

 
  1. Remove the “#” symbols from that are bolded above, leaving something similar to the below text:

 

    ## Uncomment and adjust the following paths and configuration as

## necessary to allow HTTPS on this server via SSL certificate.

## More information can be found here:

## http://nginx.org/en/docs/http/configuring_https_servers.html

ssl_certificate     /etc/nginx/wildcard_cert.pem;

ssl_certificate_key /etc/nginx/wildcard_cert.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !kECDH !DSS !MD5 !EXP !PSK !SRP !CAMELLIA !SEED';

 
  1. Execute sudo vim /etc/nginx/wildcard_cert.pem. You can also use an alternative text editor if you prefer. Save your PEM data into this file.

 
  1. Execute sudo vim /etc/nginx/wildcard_cert.key. You can also use an alternative text editor if you prefer. Save your cert data into this file.

 
  1. Execute sudo service nginx restart