All Collections
Self-Hosted Setup
Linux Native
Configure SSL for Kendis Native Linux Environment
Configure SSL for Kendis Native Linux Environment

Step by Step guide to configure SSL for Kendis self-hosted setup configured with native Linux

Kendis Team avatar
Written by Kendis Team
Updated over a week ago

Follow these steps to configure SSL for your self-hosted Kendis environment at native Linux.

Step 1: Install NGINX

Install NGINX on your Linux machine. Here is the link to the documentation: https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/

Step 2: Create Directory

Create a directory with the name "docker_ssl_proxy" to store the NGINX configuration file and the certificate and key

 $ mkdir docker_ssl_proxy

Step 3: Change directory to docker_ssl_proxy

You must be under this directory before executing the following steps (commands).

Step 3.a: Use Signed certificates

If you have certificates you can simply copy the following 2 files in the current directory
key.pem
cert.pem

Step 3.b Create the self-signed certificates (If needed)

Use OpenSSL to create a self-signed certificate, Following command will create a self-signed certificate and a private key with a validity of 365 days.

 $ openssl req -subj '/CN=localhost' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365

Step 4: Create the NGINX configuration file

In the same directory, create a configuration file that will proxy all the traffic to your upstream server. The upstream server is the application server running a non-SSL connection. The SSL will be using NGINX, and all the traffic will be proxied to the host.

The configuration file, which in this example is called "proxy_ssl.conf," but can have any name as long as it ends in .conf. The file must have the following contents

Example file: proxy_ssl.conf

 
events {
}

http {
      server {
         listen 443 ssl;
         ssl_certificate cert.pem;
         ssl_certificate_key key.pem;
         location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
         }
  }
}

Please note, port shouldn't be changed, it must remain as 8080.

This file simply instructs NGINX to listen, with SSL and the correct certs and keys, on port 443 and to proxy all the requests to the host on port 8080

Step 5: Start NGINX

At this point we have all the configuration in place to proxy the traffic, we simply need to run the NGINX with the following command

$ nginx -c <config-file-path>/proxy_ssl.conf



All Done.

Just open a browser and hit the URL with HTTPS.

Did this answer your question?