Do You know Hidden Risks of Poor ERP Implementation? Download Free E-Book

Running Odoo with nginx in https mode

February 10, 2016 by
Running Odoo with nginx in https mode

Default Odoo starts in http mode, not secure. To run Odoo with nginx and secure HTTPS mode, we would guide you for some steps:

    • Step -1

Please install Nginx and odoo if you already have nothing to worry about it. Kindly check that you have installed Nginx and it’s working perfectly.

1
sudo apt-get install nginx
    • Step -2

Now we are going to create SSL certificate for help us in https.for that now go to /etc/nginx/sit-available this location .

1
sudo openssl genrsa -des3 -passout pass:odoo -out server.temp.key 2048

OpenSSL is used to generate an RSA private key and Certificate Signing Request(CSR). Here we use 2048 bit RSA key which is encypted using Triple DES(Data Encryption Standard).

 
1
sudo openssl req -new -passin pass:odoo -key server.temp.key -out server.csr

Now we are going to add some details so our key will be used for a certificate authority like Verisign or Thawte. Now we are remove stored key. Using this command:

1
sudo openssl rsa -in server.temp.key -out server.key
 
Now we remove server.temp.key
 
1
sudo rm server.temp.key
1
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Now we are going to create key validation for 365 days.

    • Step -3

Now we are going to add this certificate in to default file on Nginx site-available. Please copy server.csr and server.key file and past into site-available location.

1
sudo cp server.key ../sites-available/
1
sudo cp server.csr ../sites-available/

Now please take backup of your default file.

1
sudo tar -cvf backup.tar default

Now open default file into Geditor

1
sudo gedit default
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#######################START FROM HERE#####################
server {
       listen 443;
       server_name localhost:8069;
       ssl on;
       ssl_certificate /etc/nginx/sites-available/server.crt;
       ssl_certificate_key /etc/nginx/sites-available/server.key;
       ssl_session_timeout 5m;
       ssl_protocols SSLv3 TLSv1;
       ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
       ssl_prefer_server_ciphers on;
       location / {
    proxy_pass  http://127.0.0.1:8069;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_buffer_size 128k;
        proxy_buffers 16 64k;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    location ~* /web/static/ {
      proxy_buffering off;
      proxy_pass http://127.0.0.1:8069;
    }
    }
}
server {
    listen 80;
    server_name localhost:8069;
     add_header Strict-Transport-Security max-age=2592000;
     rewrite ^/.*$ https://$host$request_uri? permanent;
     }
#######################END HERE#####################

 

1
2
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://$host$request_uri? permanent;

This will always send your request on https when you type in http. Please do this kind of necessary changes after that Now restart Odoo and Nginx.

1
sudo service nginix restart
1
sudo service odoo-server restart

We have tested on POSBOX and Odoo perfectly working. Feel free to contact us for any queries. Thanks.