TLS, or transport layer security, and its predecessor SSL, which stands for secure sockets layer, are web protocols used to protect and encrypt traffic over a computer network. By Brian Boucheron and Jeanelle Horcasitas.
A self-signed certificate will encrypt communication between your server and any clients. However, because it is not signed by any of the trusted certificate authorities included with web browsers, users cannot use the certificate to validate the identity of your server automatically. A self-signed certificate may be appropriate if you do not have a domain name associated with your server and for instances where the encrypted web interface is not user-facing. If you do have a domain name, in many cases it is better to use a CA-signed certificate. You can find out how to set up a free trusted certificate with the Let’s Encrypt project.
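The trust gap described above can be seen directly with the `openssl` command-line tool. This is an added example, not code from the article; it assumes `openssl` is installed, and the host name and file names are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added demo: a self-signed certificate fails default validation and is
# accepted only once the client has been told explicitly to trust it.
# All names below are constructed placeholders, not values from the article.

WORKDIR="$(mktemp -d)"            # private (0700) scratch directory
CERT="$WORKDIR/selfsigned.crt"
KEY="$WORKDIR/selfsigned.key"
trap 'rm -rf "$WORKDIR"' EXIT     # do not leave the private key behind

# Generate a key pair and a certificate signed with its own key.
make_selfsigned() {
    openssl req -x509 -nodes -newkey rsa:2048 -days 30 \
        -subj "/CN=server.example.test" \
        -keyout "$KEY" -out "$CERT" >/dev/null 2>&1
}

# What a browser or other client does by default: build a chain to a CA
# in the system trust store. No such chain exists for this certificate.
verify_default() {
    openssl verify "$CERT" >/dev/null 2>&1
}

# What an operator can do for a non-user-facing service: distribute the
# certificate out of band and trust exactly that certificate.
verify_pinned() {
    openssl verify -CAfile "$CERT" "$CERT" >/dev/null 2>&1
}

# Self-signed means issuer and subject are the same name.
is_self_issued() {
    subject="$(openssl x509 -in "$CERT" -noout -subject | sed 's/^subject= *//')"
    issuer="$(openssl x509 -in "$CERT" -noout -issuer | sed 's/^issuer= *//')"
    [ "$subject" = "$issuer" ]
}

make_selfsigned
if is_self_issued; then echo "issuer == subject: self-signed"; fi
if verify_default; then echo "default trust store: accepted"
else echo "default trust store: rejected (identity cannot be validated)"; fi
if verify_pinned; then echo "explicitly trusted copy: accepted"
else echo "explicitly trusted copy: rejected"; fi

# SHA-256 fingerprint that clients can compare against a known-good value.
openssl x509 -in "$CERT" -noout -fingerprint -sha256
```

The fingerprint only helps if clients receive the expected value through a channel other than the TLS connection they are checking.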
The article describes the process step by step:
- Creating the SSL certificate
- Configuring Nginx to use SSL
- Adjusting the firewall
- Enabling the changes in Nginx
- Testing encryption
- Changing to a permanent redirect
With TLS/SSL, servers can send traffic safely between the server and clients without the possibility of the messages being intercepted by outside parties. The certificate system also assists users in verifying the identity of the sites that they are connecting with. Good read!