# Lab 11: SSL ## NameCheap Go to https://education.github.com/pack/offers and use the offer code for NameCheap to get a free SSL. Follow these instructions to get a CSR: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/14/generating-csr-on-apache--opensslmodsslnginx--heroku * "NA" for organization name/organization unit name * Write down the challenge password in a secure place Next, follow the instructions for how to activate your SSL: https://www.namecheap.com/support/knowledgebase/article.aspx/794/67/how-do-i-activate-an-ssl-certificate ``` server { listen 80; server_name cs6deployment; location / { proxy_pass http://localhost:8000; } } ``` ``` server { listen 443 ssl default_server; server_name stryv.live www.stryv.live; ssl on; ssl_certificate /root/stryv.live.csr; ssl_certificate_key /root/stryv.live.key; ssl_session_cache shared:SSL:10m; proxy_read_timeout 3600s; proxy_send_timeout 3600s; location / { proxy_pass http://stryv_server; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect http:// https://; } } upstream stryv_server { server localhost:8000; } server { if ($host = www.stryv.live) { return 301 https://$host$request_uri; } if ($host = stryv.live) { return 301 https://$host$request_uri; } listen 80 default_server; server_name stryv.live www.stryv.live; return 404; } ```