Skip to content

Instantly share code, notes, and snippets.

@obfusk

obfusk/README.md

Last active December 17, 2015 20:09
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save obfusk/5665367 to your computer and use it in GitHub Desktop.
Save obfusk/5665367 to your computer and use it in GitHub Desktop.
Download ZIP
vagrant + nginx + ssl
Raw
README.md

Certificate

$ openssl req -x509 -newkey rsa:2048 -keyout key.pem \
  -out cert.pem -days 360 -nodes

Packages

vm$ aptitude install nginx-full vim

Nginx

vm$ rm -i /etc/nginx/sites-enabled/default
vm$ ln -s ../sites-available/ssl-test /etc/nginx/sites-enabled/
vm$ vim /etc/nginx/sites-available/ssl-test
vm$ mkdir -p /__foo/{bar,baz}
vm$ vim /__foo/{bar,baz}/index.html
vm$ cp -i /vagrant/*.pem /__foo/
vm$ chmod 600 /__foo/*.pem
vm$ service nginx restart

Curl

$ curl --cacert .../cert.pem https://baz.lvh.me:4443

Faraday

$ pry
> require 'faraday'
> c = Faraday.new 'https://qux.lvh.me:4443', \
  ssl: { ca_file: '.../cert.pem' }
> c.get('/').body

...

Raw
ssl-test
ssl_certificate /__foo/cert.pem;
ssl_certificate_key /__foo/key.pem;
server {
listen 443 default_server ssl;
server_name bar.lvh.me;
index index.html;
root /__foo/bar;
}
server {
listen 443 ssl;
server_name baz.lvh.me;
index index.html;
root /__foo/baz;
}
Raw
Vagrantfile
Vagrant::Config.run do |config|
config.vm.box = 'precise64'
config.vm.customize ['modifyvm', :id, '--memory', 512, '--cpus', 1]
config.vm.network :hostonly, '192.168.1.222'
config.vm.forward_port 443, 4443
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment