Project

General

Profile

Support #724

Updated by Daniel Curtis almost 9 years ago

This is a guide on how I installed ssl-decode with nginx on FreeBSD 9. 

 h2. Prepare the Environment 

 * Make sure the system is up to date: 
 <pre> 
 pkg update && pkg upgrade 
 </pre> 

 * Install a few dependencies: 
 <pre> 
 pkg install nginx php56 php56-intl php56-bcmath php56-curl php56-mbstring php56-xml python2 py27-netaddr 
 </pre> 

 h2. Install Nginx 

 * Start and enable nginx at boot: 
 <pre> 
 echo 'nginx_enable="YES"' >> /etc/rc.conf 
 service nginx start 
 </pre> 

 * Create a configuration directory to make managing individual server blocks easier 
 <pre> 
 mkdir /usr/local/etc/nginx/conf.d 
 </pre> 

 * Edit the main nginx config file: 
 <pre> 
 vi /usr/local/etc/nginx/nginx.conf 
 </pre> 
 #* And strip down the config file and add the include statement at the end to make it easier to handle various server blocks: 
 <pre> 
 #user    nobody; 
 worker_processes    1; 
 error_log    /var/log/nginx-error.log; 

 events { 
     worker_connections    1024; 
 } 

 http { 
     include         mime.types; 
     default_type    application/octet-stream; 

     sendfile          on; 
     #tcp_nopush       on; 

     #keepalive_timeout    0; 
     keepalive_timeout    65; 

     #gzip    on; 

     # Load config files from the /etc/nginx/conf.d directory 
     include /usr/local/etc/nginx/conf.d/*.conf; 
 } 
 </pre> 

 * Configure the default PHP settings 
 <pre> 
 cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini 
 </pre> 

 * Edit /usr/local/etc/php-fpm.conf: 
 <pre> 
 vi /usr/local/etc/php-fpm.conf 
 </pre> 
 #* Make the following changes: 
 <pre> 
 listen = /var/run/php-fpm.sock 
 listen.owner = www 
 listen.group = www 
 listen.mode = 0660 
 </pre> 

 * Start and enable PHP-FPM at boot: 
 <pre> 
 echo 'php_fpm_enable="YES"' >> /etc/rc.conf 
 service php-fpm start 
 </pre> 

 h2. Install SSL-Decode 

 * Clone ssl-decode from GitHub: 
 <pre> 
 cd /usr/local/www 
 git clone https://github.com/RaymiiOrg/ssl-decoder.git 
 </pre> 

 * Create a ssl-decode.example.com server block: 
 <pre> 
 vi /usr/local/etc/nginx/conf.d/phpapp.example.com.conf 
 </pre> 
 #* Add the following: 
 <pre> 
 server { 
     listen         80; 
     server_name    ssl-decode.example.com; 
     root           /usr/local/www/ssl-decode; /usr/local/www/ssl-decode.example.com; 
     access_log     /var/log/ssl-decode.example.com-access.log; 
     error_log      /var/log/ssl-decode.example.com-error.log; 

     location / { 
         index    index.php index.html index.htm; 
     } 

     # For all PHP requests, pass them on to PHP-FPM via FastCGI 
     location ~ \.php$ { 
         fastcgi_pass unix:/var/run/php-fpm.sock; 
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
         fastcgi_param PATH_INFO $fastcgi_script_name; 
         include fastcgi_params; # include extra FCGI params 
     } 
 } 
 </pre> 

 * Change the ownership of ssl-decode to the www user: 
 <pre> 
 chown -R www:www /usr/local/www/ssl-decode 
 </pre> 

 * Restart nginx: 
 <pre> 
 service nginx restart 
 </pre> 

 * Open a web broser and go to http://ssl-decode.example.com 

 h2. Resources 

 * https://github.com/RaymiiOrg/ssl-decoder

Back