Nginx + TLS

Archivos clave - VHost: /etc/nginx/sites-available/stack-ssl.conf (enlace en sites-enabled/) - Cert/Key (self-signed temporal): /etc/nginx/certs/erre-com.pem y /etc/nginx/certs/erre-com.key

Esquema de vhost (fragmento API)

server {
  listen 443 ssl;
  server_name api.erre.com;

  ssl_certificate     /etc/nginx/certs/<certificado.pem>;
  ssl_certificate_key /etc/nginx/certs/<certificado.key>;

  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_pass http://127.0.0.1:8081;
  }
}

Comandos

sudo nginx -t
sudo systemctl reload nginx
curl -kI https://api.erre.com/health

Esto valida el estado del servidor y si existe la conexion