Sample nginx (with Phusion Passenger) configuration file to enable SSL

Read my earlier post if you want Phusion Passenger to compile nginx with SSL support. If your nginx server already supports SSL, read on.

Phusion Passenger fills up most of the configuration in nginx.conf for you with a nice set of defaults. You just have to do a little more work if you want to modify the nginx configuration file to enable SSL on your site.

The first thing to do is purchase a SSL certificate and install it on your server. If you don’t know how, here’s a great post on installing SSL on Ubuntu with nginx. Once you’ve installed the certificate, you should be good to go.

Let’s say that you’ve got a domain name called mydomain.com and the root for your Ruby on Rails application is located at /home/mydomain/current/public on your server. The following shows a sample of the configuration required to get SSL enabled for your application:

server  {
    	       listen 80;
               server_name mydomain.com;
               root /home/mydomain/current/public;
               passenger_enabled on;
               rails_env production;
        }

# HTTPS server
server  {
               listen 443;
               server_name mydomain.com;
               root /home/mydomain/current/public;
               passenger_enabled on;
               rails_env production;

               ssl on;
               ssl_certificate /etc/ssl/certs/mydomain.com.crt;
               ssl_certificate_key /etc/ssl/private/mydomain.com.key;

               ssl_session_timeout  5m;
        }
About these ads

2 thoughts on “Sample nginx (with Phusion Passenger) configuration file to enable SSL

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s