1. nginx ssl 설정 ( TLSv1.2 설정)
1.1 nginx.conf 설정
#nginx.conf
server {
listen 8443 ssl http2;
server_name XXXXX.XXXXX.co.kr;
include /sw/nginx/nginx/conf/ssl.conf;
location / {
rewrite ^/(.*)$ /$1 break;
proxy_pass http://XXXXX;
.
.
error_page 404 /index.html;
error_page 500 502 503 504 /50x.html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html{
root /sw/nginx/app/xxx/static/error/;
}
}
1.2 ssl.conf 설정
#ssl_conf
ssl_certificate /sw/nginx/ssl/XXXX_crt.pem;
ssl_certificate_key /sw/nginx/ssl/XXXX_key.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:1m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESXXXXXXXXXXXXXXXXX:XXXXX:XXXX:XXX;
ssl_prefer_server_ciphers on;
1.3 nginx reload
# systemctl restart nginx
# nginx -s reload