Adding SSL to the VM

What You’ll Need Before You Start:

  • PEM Key for the domain you want to use with SSL
  • Certificate Key for the domain you want to use with SSL

Follow these steps:

  1. Log into the VM with the system user and password provided to you on the TTY screen.
  2. Enter sudo vim /etc/nginx/sites-enabled/default
  3. You will see a block of text in the middle of the document resembling the following:
    ## If you plan on using a SSL certificates on this server,
    ## uncomment the following line. You will also have to
    ## configure SSL at the bottom of this configuration.
    #listen 443 ssl;
    root {{{public_path}}};
  4. Uncomment listen 443 ssl; line
  5. Near the end of the document, you will see a block of text resembling the following:
    ## Uncomment and adjust the following paths and configuration as
    ## necessary to allow HTTPS on this server via SSL certificate.
    ## More information can be found here:
    ## http://nginx.org/en/docs/http/configuring_https_servers.html
    #ssl_certificate /etc/nginx/wildcard_cert.pem;
    #ssl_certificate_key /etc/nginx/wildcard_cert.key;
    #ssl_session_timeout 5m;
    #ssl_protocols SSLv3 TLSv1;
    #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
  6. Uncomment the ssl_ lines to look like:
    ## Uncomment and adjust the following paths and configuration as
    ## necessary to allow HTTPS on this server via SSL certificate.
    ## More information can be found here:
    ## http://nginx.org/en/docs/http/configuring_https_servers.html
    ssl_certificate /etc/nginx/wildcard_cert.pem;
    ssl_certificate_key /etc/nginx/wildcard_cert.key;
    ssl_session_timeout 5m;
    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
  7. Write the file sudo vim /etc/nginx/wildcard_cert.pem
  8. Write the file sudo vim /etc/nginx/wildcard_cert.key
  9. Run sudo service nginx restart

Verification

Visit Emcien via the web browser. If you see the SSL lock in the location bar, the certificate is successful.