Recent Articles:

About Me
I love making stuff and solving puzzles. I am mak...
Lua Libraries
Here are some Lua libraries that I have used or fi...
Lua FFI
Intro :Trying to learn and standardize the Foreig...
Electronics
This section contains links to everything related ...
Lua Compiler
Some notes on the C code of the Lua Compiler Lua ...

Setting up HTTPS in OpenResty


Let's Encrypt

Let's Encrypt is a free https certification signing organization. Followed these steps here to install letsencrypt certbot.
The command I used to create a certificate for this site and the other sub-domains was:
> letsencrypt certonly --webroot -w /path/to/amved.com/files -d amved.com -d www.amved.com -w /path/to/karm/files -d karm.amved.com -w /path/to/milindsweb/files -d milindsweb.amved.com
This created the certificate.
Now test the renewal process by typing:
> letsencrypt renew --dry-run
It worked perfectly. Now setting up the cron-job to do automatic renewals.
> crontab -e
Add the following line in crontab:
0 23 */5 * * /usr/bin/letsencrypt renew > /home/letsencryptrenew.log 2>&1

NginX configuration

Followed the tutorial here. Added the following lines to the nginx configuration file for this site:

  server {
	listen 443 ssl;
	server_name *.amved.com amved.com;
	ssl_certificate /path/to/the/certificate/fullchain.pem;        # usually like /etc/letsencrypt/live/amved.com/fullchain.pem;
	ssl_certificate_key /path/to/private/key/privkey.pem;       # usually like /etc/letsencrypt/live/amved.com/privkey.pem;
  }

NOTE
After setting the cronjob the certificate renew happens but the server should be restarted in order for it to use the new certificates so also add the restart server command in the crontab.

Openresty

In the lua controllers for each domain I enabled to https I simply redirected requests received via http (ngx.var.https == "") to the https url. Thus all http requests were no redirected to https


Copyright 2018 Milind Gupta