Adding SSL certificate to Nginx

1- get SSL certificate and SSL private  key  (use encrypted key provided by CA and paraphrase to decrypt it)  from CA like godaddy or StartSSL for your web application, for example in my case 1_idmpirate.us_bundle.crt" and "ssl.key"

(i used StartSSL as its free for one year for non-commercial purpose)

2- copy these files to home directory e.g /home/django
3- configure
vi /etc/nginx/sites-enabled/django (linux username)

create a new server by adding following lines at the end of the file:

server {
        listen 443 ssl;
        server_name idmpirate.us;

        root /usr/share/nginx/html;
        index index.html index.htm;

        ssl on;
        ssl_certificate /home/django/1_idmpirate.us_bundle.crt;
        ssl_certificate_key /home/django/ssl.key;

        ssl_session_timeout 5m;

        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
        ssl_prefer_server_ciphers on;

    # Your Django project's media files - amend as required
    location /media  {
        alias /home/django/django_project/django_project/media;
    }
         
   # your Django project's static files - amend as required
    location /static {
        alias /home/django/django_project/django_project/static;
    }

    # Proxy the static assests for the Django Admin panel
    location /static/admin {
       alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;}

     location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_pass http://app_server;

        }
}


4- open 443 port, if you have ufw utility (firewall utility for ubuntu)  installed use following command

sudo ufw allow https

otherwise configure ufw, active it and open 22, 80 and 443 ports.

sudo apt-get install ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw enable
sudo ufw allow http
sudo ufw allow https
sudo ufw allow ftp
sudo ufw allow 21/tcp
sudo ufw allow 6000:6007/tcp
sudo ufw allow 6000:6007/udp

5- restart nginx
sudo service nginx restart

incase it fails to restart use following command to troubleshoot

nginx -t




6- Check server is listening on 443

netstat -ntlp | grep LISTEN

or

ufw status verbose

7- test https://idmpirate.us

in case rendering issues, keep in mind absolute address are not allowed to include static files like js or css


Absolute: (Don't use this)

<link rel="stylesheet" href="http://mydomain.com/css/style.css" />

Use Relative:

<link rel="stylesheet" href="/css/style.css" />

If the style is coming from another domain (such as a CDN), use double slashes instead of specifying the protocol. This will cause the path to inherit the protocol

the page was requested with when making the CSS request.

<link rel="stylesheet" href="//otherdomain.com/css/style.css" />


You are all set ::)

Downloading Oracle Fusion Middleware Repository in AWS instance.

Downloading Oracle Fusion Middleware Repository in AWS instance.

Oracle acknowledged the need of implementers and provided the wget.sh script to download software in AWS instance.

Simply following these steps I was able to easily download oracle softwares in AWS instance.

1.   goto https://edelivery.oracle.com/ and sign in (signup if not have account already) and accept the agreement
2.  check Programs and search for Oracle Identity and Access Management Suite Plus for Oracle Applications*, Select Platform x86 64 bit and click Continue 
3.  Select Alternate Release…
4. from dropdown menu Oracle Identity and Access Management Suite Plus 11.1.2.1 for linux x86-64* and click Continue 
5.  I have reviewed and accept the terms of the Commercial License, Special Programs License, and/or Trial License. click Continue
6.  click WGET Options and download wget.sh
7. Edit wget.sh file and remove un-related files that you dont want to download, for example i need 12 zip file for oracle fusion middleware for linux x86-64, i removed all other wget commands from wget.sh file. My wget.sh file look like following:

#####################################################################
################## wget.sh starts #######################################

#!/bin/sh

#
# Generated onMon Jan 25 12:24:14 PST 2016# Start of user configurable variables
#
LANG=C
export LANG

# SSO username and password
read -p 'SSO User Name:' SSO_USERNAME
read -sp 'SSO Password:' SSO_PASSWORD


# Path to wget command
WGET=/usr/bin/wget
# Location of cookie file
COOKIE_FILE=/tmp/$$.cookies

# Log directory and file
LOGDIR=.
LOGFILE=$LOGDIR/wgetlog-`date +%m-%d-%y-%H:%M`.log
# Output directory and file
OUTPUT_DIR=.
#
# End of user configurable variable
#

if [ "$SSO_PASSWORD " = " " ]
then
 echo "Please edit script and set SSO_PASSWORD"
 exit
fi

# Contact osdc site so that we can get SSO Params for logging in
SSO_RESPONSE=`$WGET --user-agent="Mozilla/5.0" --no-check-certificate https://edelivery.oracle.com/osdc/faces/SearchSoftware 2>&1|grep Location`

# Extract request parameters for SSO
SSO_TOKEN=`echo $SSO_RESPONSE| cut -d '=' -f 2|cut -d ' ' -f 1`
SSO_SERVER=`echo $SSO_RESPONSE| cut -d ' ' -f 2|cut -d '/' -f 1,2,3`
SSO_AUTH_URL=/sso/auth
AUTH_DATA="ssousername=$SSO_USERNAME&password=$SSO_PASSWORD&site2pstoretoken=$SSO_TOKEN"

# The following command to authenticate uses HTTPS. This will work only if the wget in the environment
# where this script will be executed was compiled with OpenSSL. Remove the --secure-protocol option
# if wget was not compiled with OpenSSL
# Depending on the preference, the other options are --secure-protocol= auto|SSLv2|SSLv3|TLSv1
$WGET --user-agent="Mozilla/5.0" --secure-protocol=auto --post-data $AUTH_DATA --save-cookies=$COOKIE_FILE --keep-session-cookies $SSO_SERVER$SSO_AUTH_URL -O sso.out >> $LOGFILE 2>&1

rm -f sso.out

  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76184-01_1of4.zip&token=TlNMemNnVW5OcHdsRXZmbjhOZlNzUSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MDU2OSZhcnU9MTg4OTM4NDcmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDM" -O $OUTPUT_DIR/V76184-01_1of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76184-01_2of4.zip&token=ZTI5WUp1WFhOd1FvTlgxZy95c2xnUSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MDU3MiZhcnU9MTg4OTM4NDcmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDM" -O $OUTPUT_DIR/V76184-01_2of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76184-01_3of4.zip&token=UHNQeUluK3NJclVZeXpEeURWT0tkdyE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MDU3NiZhcnU9MTg4OTM4NDcmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDM" -O $OUTPUT_DIR/V76184-01_3of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76184-01_4of4.zip&token=Wk9hMUc2bUxJaGxyVjBKc3p0TGEzUSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MDc5NCZhcnU9MTg4OTM4NDcmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDM" -O $OUTPUT_DIR/V76184-01_4of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76185-01_1of4.zip&token=b0FnYlZzNGM5Qk9UZHhRWWFCVkwydyE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTA3OSZhcnU9MTg4OTM4NDgmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDQ" -O $OUTPUT_DIR/V76185-01_1of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76185-01_2of4.zip&token=YWVrUmZwa0RvdGQ0aVBVSFQvYXBpUSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTE2MCZhcnU9MTg4OTM4NDgmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDQ" -O $OUTPUT_DIR/V76185-01_2of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76185-01_3of4.zip&token=VmRxQ3FNRDBHMEkzQ2NvaXRIQmxTUSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTE5NyZhcnU9MTg4OTM4NDgmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDQ" -O $OUTPUT_DIR/V76185-01_3of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76185-01_4of4.zip&token=NTF2OGpiZFRueTkySDJiRkRVcDQ4USE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTMzOCZhcnU9MTg4OTM4NDgmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MDQ" -O $OUTPUT_DIR/V76185-01_4of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76186-01_1of4.zip&token=YWpxcmQ4aFRaNXFxK1lXYThPbkcrQSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MDgxNiZhcnU9MTg4OTM4NDkmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MTM" -O $OUTPUT_DIR/V76186-01_1of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76186-01_2of4.zip&token=K2YyZ0VtNzFiQ0FzMm1wOVlTNnc5ZyE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTA3NyZhcnU9MTg4OTM4NDkmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MTM" -O $OUTPUT_DIR/V76186-01_2of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76186-01_3of4.zip&token=NExlNkZpM09FYUc1MmpDN0NrTW1aQSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTA3OCZhcnU9MTg4OTM4NDkmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MTM" -O $OUTPUT_DIR/V76186-01_3of4.zip >> $LOGFILE 2>&1



  $WGET  --user-agent="Mozilla/5.0" --no-check-certificate --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://edelivery.oracle.com/osdc/download?fileName=V76186-01_4of4.zip&token=eUdXYUlPbEZsaUorb1ljY01MZWo3QSE6OiF1c2VybmFtZT1FUEQtRU5HUi5NSUFOQFlBSE9PLkNPTSZ1c2VySWQ9NzA3MTI5MCZjYWxsZXI9U2VhcmNoU29mdHdhcmUmY291bnRyeUlkPVBLJmVtYWlsQWRkcmVzcz1lbmdyLm1pYW5AeWFob28uY29tJmZpbGVJZD03OTU0MTA4MCZhcnU9MTg4OTM4NDkmYWdyZWVtZW50SWQ9OTM5Mjg2JnNvZnR3YXJlQ2lkcz05OTU4NyZwbGF0Zm9ybUNpZHM9MzUmcHJvZmlsZUluc3RhbmNlQ2lkPTM3MzQ4MiZtZWRpYUNpZD0zNTk0MTM" -O $OUTPUT_DIR/V76186-01_4of4.zip >> $LOGFILE 2>&1




#################################################################################
########## wget.sh ends############################################################

8- chmod 777 wget.sh
9- ./wget.sh
enter your oracle account credentials

10- open new session, tail the log files to see the progress.


Itsss too Fast...!