Default Odoo starts in http mode, not secure. To run Odoo with nginx and secure HTTPS mode, we would guide you for some steps:
-
- Step -1
Please install Nginx and odoo if you already have nothing to worry about it. Kindly check that you have installed Nginx and it’s working perfectly.
|
1
|
sudo apt-get install nginx
|
-
- Step -2
Now we are going to create SSL certificate for help us in https.for that now go to /etc/nginx/sit-available this location .
|
1
|
sudo openssl genrsa -des3 -passout pass:odoo -out server.temp.key 2048
|
OpenSSL is used to generate an RSA private key and Certificate Signing Request(CSR). Here we use 2048 bit RSA key which is encypted using Triple DES(Data Encryption Standard).
|
1
|
sudo openssl req -new -passin pass:odoo -key server.temp.key -out server.csr
|
Now we are going to add some details so our key will be used for a certificate authority like Verisign or Thawte. Now we are remove stored key. Using this command:
|
1
|
sudo openssl rsa -in server.temp.key -out server.key
|
|
1
|
sudo rm server.temp.key
|
|
1
|
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
|
Now we are going to create key validation for 365 days.
-
- Step -3
Now we are going to add this certificate in to default file on Nginx site-available. Please copy server.csr and server.key file and past into site-available location.
|
1
|
sudo cp server.key ../sites-available/
|
|
1
|
sudo cp server.csr ../sites-available/
|
Now please take backup of your default file.
|
1
|
sudo tar -cvf backup.tar default
|
Now open default file into Geditor
|
1
|
sudo gedit default
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
#######################START FROM HERE#####################
server {
listen 443;
server_name localhost:8069;
ssl on;
ssl_certificate /etc/nginx/sites-available/server.crt;
ssl_certificate_key /etc/nginx/sites-available/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8069;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_buffer_size 128k;
proxy_buffers 16 64k;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
location ~* /web/static/ {
proxy_buffering off;
proxy_pass http://127.0.0.1:8069;
}
}
}
server {
listen 80;
server_name localhost:8069;
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://$host$request_uri? permanent;
}
#######################END HERE#####################
|
|
1
2
|
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://$host$request_uri? permanent;
|
This will always send your request on https when you type in http. Please do this kind of necessary changes after that Now restart Odoo and Nginx.
|
1
|
sudo service nginix restart
|
|
1
|
sudo service odoo-server restart
|
We have tested on POSBOX and Odoo perfectly working. Feel free to contact us for any queries. Thanks.
