HTTPS certificate generation

1. nginx configuration

listen 443 ssl default_server;
ssl on;
ssl_certificate /etc/letsencrypt/server.crt;
ssl_certificate_key /etc/letsencrypt/server.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

2. Generate certificate command

openssl genrsa -des3 -out ca.key 2048

openssl req -new -x509 -days 365 -key ca.key -out ca.crt

openssl genrsa -des3 -out 192.168.5.174.pem 2048

openssl rsa -in 192.168.5.174.pem -out 192.168.5.174.key

openssl req -new -key 192.168.5.174.pem -out 192.168.5.174.csr

mkdir -p /etc/pki/CA/newcerts

touch /etc/pki/CA/index.txt
  
echo "01" > /etc/pki/CA/serial

openssl ca -policy policy_anything -days 365 -cert ca.crt -keyfile ca.key -in 192.168.5.174.csr -out 192.168.5.174.crt