In order to take part in the “Reset the NET Campaign” (see the previous post) and to honour the first anniversary of Edward Snowden’s revelations, I configured my self-hosted server to support HTTPS/SSL requests. Now you can reach this site also at https://raspberryblog.de. Furthermore, I highly recommend using the Firefox HTTPS everywhere plugin of the Electronic Frontier Foundation to encrypt your traffic while visiting all sites supporting SSL.
Here’s a brief tutorial how it works: If you haven’t installed Nginx, yet, please see the documentation at nginx.org. For an existing installation, create a subdirectory in /etc/nginx to store your SSL certificates.
sudo mkdir /etc/nginx/ssl cd /etc/nginx/ssl
Next, create the server key and certificate signing request. Start by creating the private server key. During this process, you will be asked to enter a passphrase. Be sure to remember this phrase! If you forget it or lose it, you will not be able to access the certificate again.