Networking – Running server on home network with HTTPS

httpsnetworkingnginxraspberry pi

Like the title suggests, I am trying to configure my server to serve traffic with HTTPS. I am already able to expose the server and receive information from it, just simply without HTTPS.

There are a few interesting details that I will get into, but this is the main goal.

  1. I have a Go server running on a Raspberry Pi on my home network that I am using as a personal API.
  2. I port-forwarded port 80 and 443 of my home network and pointed it to my Raspberry Pi's static ip address
  3. I own a domain that I am pointing to my home network IP.
  4. My go server is running on port 8088, so I use Nginx to forward requests from the base IP to my server's port.

So far this is all working perfectly, except I would like to allow my server to utilize HTTPS.

My question is I have a lot of moving parts in this setup, so what would be responsible for ensuring HTTPS:

  • The domain?
  • My Nginx config?
  • The server itself?
  • A combination of all of the above.

I am unsure.

Just looking for some direction in enabling HTTPS for this server, thanks!

Best Answer

Your Nginx can handle the a http and https request.

  1. Set your nginx to listen on port 80 and redirect 80 request to 443.

    server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name example.com www.example.com;
    return 301 https://$server_name$request_uri;
}

  2. Add you certificate in your nginx and proxy the request coming from 443 to GO server.

    server {
   listen 443;
   ssl on;
   ssl_certificate /etc/ssl/ssl-bundle.crt;
   ssl_certificate_key /etc/ssl/ssl-tutorials.key;
   server_name ssl-tutorials.com;
   access_log /var/log/nginx/nginx.vhost.access.log;
   error_log /var/log/nginx/nginx.vhost.error.log;

   location / {
       proxy_redirect          off;
       proxy_set_header        Host            $host;
       proxy_set_header        X-Real-IP       $remote_addr;
       proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
       client_body_buffer_size 512k;
       proxy_connect_timeout   180;
       proxy_send_timeout      180;
       proxy_read_timeout      360;
       proxy_buffering         off

       #Proxy request to your GO app
       proxy_pass http://<ip_server>:<port>;
    }
 }
Related Question