I have a fully qualified domain name pointing to the ip of the droplet with Ubuntu 20.04 and Postgres 12 installed. I need to install SSL on the same. Any help is appreciated.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi @communityservice, I had to open new answer again :) Sorry I left you without response but I dived into DO’s API and almost drowned :D :D :D
@communityservice/@unicornomy wroteI have an app (public facing) on http://domain.com:6000 which has various sub URLs like
http://domain.com:6000/subscribe/3423-23452345-fsd-a345-234
and
http://domain.com:6000/unsubscribe/341234-2345-fasdf-1453245 etc.
These URLs are also sent out to subscribers via email and when they are clicked by customers the insecure version (http) with port number open up which really does not look secure and neat. Thus I need to move them to
https://domain.com/subscribe/3423-23452345-fsd-a345-234
and
https://domain.com/unsubscribe/341234-2345-fasdf-1453245
with the action of both the URLs remaining unaffected. I feel this needs to be achieved out of server block setting of nginx, but unable to find a working solution for the same.
What is the website server for your app, working on port 6000 ? Can you provide a result of the command below, pls. ?
sudo netstat -tulpn | grep 6000
Hi @communityservice, We reached too many replies, so I started a new answer.
@communityservice wrotesudo netstat -tulpn | grep -e 6000 -e 6001
resulted in below
tcp 0 0 1.2.3.4:6000 0.0.0.0:* LISTEN 24317/./appname
It looks like before. First of all, you need to change the settings in your app configuration to make it listening on localhost (127.0.0.1), not on public IP address (1.2.3.4 in the example). Otherwise, the configuration I sent you will not work, you will have two services listening on your public IP port 6000, the app and nginx.
@communityservice wroteanything that I did wrong?
Or was I supposed to add it to some other file? Or maybe creating sym link?
You can add new server blocks to your existing file as well as to a new file. In the first case you do not have to care about creating a symlink.
@communityservice wrotenginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/sites-enabled/domain.com:48
It is just a warning but it would be good to fix it too. What is your directive in line 48 of the file /etc/nginx/sites-enabled/domain.com ?
And remember to restart nginx service after changing its configuration. First check if the syntax of config files is OK, of course :)
sudo nginx -t
sudo systemctl restart nginx
Edit - There’s a binary app that’s using the Postgres DB and is accessible on the domain:port for which I need SSL installed.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.