dyzulk/trustlab-docs
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-docs.git synced 2026-01-26 21:41:54 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
522586590d51e1568e52cefa4e74676c82140dee
trustlab-docs/pages/guide/integrations/web-servers.mdx

77 lines
2.3 KiB
Plaintext
Raw Blame History

import { Tabs, Callout } from 'nextra/components'
import { Server, Globe, Shield } from 'lucide-react'
# Web Server Configuration
To enable HTTPS on your internal services, you need to configure your web server to use the certificates issued by TrustLab.
<Callout type="info" emoji={<Shield className="w-5 h-5" />}>
**Prerequisite:** Ensure you have downloaded the **PEM Bundle** (for Linux) or **PFX** (for Windows) as described in the [Download Guide](/guide/certificates/download-install).
</Callout>
## Configuration Examples
Select your web server environment below:
<Tabs items={['Nginx', 'Apache (httpd)', 'IIS (Windows)']}>
<Tabs.Tab>
### Nginx Setup
Target File: `/etc/nginx/sites-available/default` or `internal.app.conf`
```nginx
server {
listen 80;
server_name internal.app;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name internal.app;
# SSL Configuration
ssl_certificate /etc/ssl/trustlab/internal.app.crt;
ssl_certificate_key /etc/ssl/trustlab/internal.app.key;
# Recommended Security
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
```
</Tabs.Tab>
<Tabs.Tab>
### Apache / HTTPD Setup
Target File: `/etc/httpd/conf.d/ssl.conf` or VHost file.
```apache
<VirtualHost *:443>
ServerName internal.app
DocumentRoot /var/www/html/internal
SSLEngine on
SSLCertificateFile "/path/to/internal.app.crt"
SSLCertificateKeyFile "/path/to/internal.app.key"
# Best Practice
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
```
</Tabs.Tab>
<Tabs.Tab>
### IIS (Internet Information Services)
Requires the **.pfx** file format.
1. **Import Certificate**:
* Open **IIS Manager** > Click Server Node > **Server Certificates**.
* Click **Import...** (Actions pane).
* Select your `.pfx` file and enter the password.
2. **Bind to Site**:
* Go to **Sites** > Select your site (e.g., Default Web Site).
* Click **Bindings...** > **Add...**
* Type: `https` | Port: `443`.
* **SSL Certificate**: Select the certificate you just imported.
</Tabs.Tab>
</Tabs>
Reference in New Issue View Git Blame Copy Permalink