Today I Learned

8 posts about #linux

Validate privateKey, certificate and CSR files

$ openssl pkey -in privateKey -pubout -outform pem | sha256sum
# => f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2  -
$ openssl x509 -in certificate -pubkey -noout -outform pem | sha256sum 
# => f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2  -
openssl req -in CSR -pubkey -noout -outform pem | sha256sum
# => f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2  -

When all pairs match, you can be sure that you have the right set of files for your domain.

Custom nginx proxy host name

server {
    listen 80 default_server;
    server_name ~^(?<developer>.+)\.dev\.selleo\.com$;
    client_max_body_size 5M;
    root   /usr/share/nginx/html;

    location / {
      resolver 8.8.8.8;
      set $backend https://$developer-secret.app.selleo.com:443;
      proxy_pass $backend;
      proxy_set_header  X-Real-IP       $remote_addr;
      proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

resolver does the job here!