Infra/[AWS]
[Aws] Https 인증서 세팅하기
HiSmith
2024. 4. 5. 19:17
반응형
알람을 보내야하는 기능이 있는데, http로는 사용자 요청을 얻을 수 없다.
따라서, Https 세팅한다.
1. certbot 설치
sudo snap install certbot --classic
2. 인증서 발급
sudo certbot --nginx -d {도메인}
발급이 끝나면 아래와 같은 문구로 인증서 위치를 알려준다.
Certificate is saved at: /etc/letsencrypt/live/rabbithole.gotdns.ch/fullchain.pem
Key is saved at: /etc/letsencrypt/live/rabbithole.gotdns.ch/privkey.pem
This certificate expires on 2024-07-04.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for rabbithole.gotdns.ch to /etc/nginx/sites-enabled/default
Congratulations! You have successfully enabled HTTPS on https://rabbithole.gotdns.ch
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
3. nginx 설정, 위 경로의 default 파일을 아래와 같이 수정해준다.
/etc/nginx/sites-available
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
ssl_certificate /etc/letsencrypt/live/rabbithole.gotdns.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/rabbithole.gotdns.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /home/ubuntu/smith/web;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ /index.html;
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '*';
}
29,75 Top
이렇게 설정한뒤 , nginx를 재부팅하게 되면 https로 접속이 가능함을 확인할 수 있다.
반응형