Support #724
Updated by Daniel Curtis over 8 years ago
This is a guide on how I installed ssl-decoder ssl-decode with nginx on FreeBSD 9. h2. Prepare the Environment * Make sure the system is up to date: <pre> pkg update && pkg upgrade </pre> * Install a few dependencies: <pre> pkg install nginx php56 pecl-intl php56-intl php56-bcmath php56-curl php56-filter php56-mbstring php56-openssl php56-xml python2 py27-netaddr </pre> h2. Install Nginx * Start and enable nginx at boot: <pre> echo 'nginx_enable="YES"' >> /etc/rc.conf service nginx start </pre> * Create a configuration directory to make managing individual server blocks easier <pre> mkdir /usr/local/etc/nginx/conf.d </pre> * Edit the main nginx config file: <pre> vi /usr/local/etc/nginx/nginx.conf </pre> #* And strip down the config file and add the include statement at the end to make it easier to handle various server blocks: <pre> #user nobody; worker_processes 1; error_log /var/log/nginx-error.log; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; # Load config files from the /etc/nginx/conf.d directory include /usr/local/etc/nginx/conf.d/*.conf; } </pre> * Configure the default PHP settings <pre> cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini </pre> * Edit /usr/local/etc/php-fpm.conf: <pre> vi /usr/local/etc/php-fpm.conf </pre> #* Make the following changes: <pre> listen = /var/run/php-fpm.sock listen.owner = www listen.group = www listen.mode = 0660 </pre> * Start and enable PHP-FPM at boot: <pre> echo 'php_fpm_enable="YES"' >> /etc/rc.conf service php-fpm start </pre> h2. Install SSL-Decode * Clone ssl-decode from GitHub: <pre> cd /usr/local/www git clone https://github.com/RaymiiOrg/ssl-decoder.git </pre> * Create a ssl-decoder.example.com ssl-decode.example.com server block: <pre> vi /usr/local/etc/nginx/conf.d/ssl-decoder.example.com.conf /usr/local/etc/nginx/conf.d/phpapp.example.com.conf </pre> #* Add the following: <pre> server { listen 80; server_name ssl-decoder.example.com; ssl-decode.example.com; root /usr/local/www/ssl-decoder; /usr/local/www/ssl-decode; access_log /var/log/ssl-decoder.example.com-access.log; /var/log/ssl-decode.example.com-access.log; error_log /var/log/ssl-decoder.example.com-error.log; /var/log/ssl-decode.example.com-error.log; location / { index index.php index.html index.htm; } # For all PHP requests, pass them on to PHP-FPM via FastCGI location ~ \.php$ { fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_script_name; include fastcgi_params; # include extra FCGI params } } </pre> * Change the ownership of ssl-decode to the www user: <pre> chown -R www:www /usr/local/www/ssl-decoder /usr/local/www/ssl-decode </pre> * Restart nginx: <pre> service nginx restart </pre> * Open a web broser and go to http://ssl-decoder.example.com http://ssl-decode.example.com h2. Resources * https://github.com/RaymiiOrg/ssl-decoder