As y0u might have seen, in my previous article I set up a Magento environment running on Nginx and Varnish. To achieve it I used the extension Turpentine.

Now, I’m going to show how to have Varnish serving pages on SSL. The environment I’m using here is an Ubuntu 14.04 with¬† Nginx 1.8.1, PHP-FPM 5.5.9, Varnish 4.0.3.

Screen Shot 2016-04-26 at 3.20.19 PM

I’d imagine you already have your Varnish and Nginx running on ports 80 and 8080, respectively. Now we’re going to add the following block to your Nginx project config file:

upstream varnish {
    server 127.0.0.1:80;
    server 127.0.0.1:8080 backup;
}

server {
    listen          443;
    server_name     local.domain.com local.domain.com;

    ssl                 on;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    ssl_session_timeout  10m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;


    location / {
        proxy_pass http://varnish;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Ssl-Offloaded "1";
        proxy_set_header X-Forwarded-Proto $scheme;
        #proxy_hide_header X-Varnish;
        #proxy_hide_header Via;
    }
}

server {
        listen   8080;
        ... your settings for http ...
}

For testing purposes, you can generate a your own ssl certificate. First, create a folder to keep those files:

sudo mkdir /etc/nginx/ssl

Then run:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt

You will get a few prompts like below. Just press enter for all of them:

 Country Name (2 letter code) [AU]:US
 State or Province Name (full name) [Some-State]:New York
 Locality Name (eg, city) []:New York City
 Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bouncy Castles, Inc.
 Organizational Unit Name (eg, section) []:Ministry of Water Slides
 Common Name (e.g. server FQDN or YOUR name) []:your_domain.com
 Email Address []:admin@your_domain.com

Back on your Magento Back-End, go to System > Configuration > Web. Then update your URLs replacing http to https. Also, get sure Offloader header is set to SSL_OFFLOADED and User Secure URLs in Frontend is set to YES. Save it.

Screen Shot 2016-04-26 at 2.52.03 PM

In System > Configuration > Varnish > Caching Options, it should look like that:

Screen Shot 2016-04-26 at 2.53.24 PM

Refresh your caches and on the terminal run varnishlog. Now access your website via browser. On the top right of your Varnishlog the Hitrate and avg (n) options should be populated like that:

Screen Shot 2016-04-26 at 3.15.00 PM

Happy Coding!

References

https://www.digitalocean.com/community/tutorials/how-to-configure-varnish-cache-4-0-with-ssl-termination-on-ubuntu-14-04
http://blog.mdnsolutions.com/index.php/magento-varnish-turpentine/
http://stackoverflow.com/questions/31428633/magento-turpentine-ssl-only-generates-http-urls?rq=1
https://github.com/eth8505/magento-turpentine/commit/575f499382217f0013eaf097fd79ceddec0b4381
https://github.com/nexcess/magento-turpentine/issues/35
https://www.stackstar.com/blog/2015/04/force-ssl-for-your-site-with-varnish-and-nginx/

Running Varnish on SSL with Nginxhttps://i1.wp.com/blog.mdnsolutions.com/wp-content/uploads/2016/04/Screen-Shot-2016-04-26-at-3.20.19-PM.png?fit=1024%2C413&ssl=1https://i1.wp.com/blog.mdnsolutions.com/wp-content/uploads/2016/04/Screen-Shot-2016-04-26-at-3.20.19-PM.png?resize=150%2C150&ssl=1Renato MedinaMagentoNginxVarnishMagento,Nginx,SSL,Turpentine,VarnishAs y0u might have seen, in my previous article I set up a Magento environment running on Nginx and Varnish. To achieve it I used the extension Turpentine. Now, I'm going to show how to have Varnish serving pages on SSL. The environment I'm using here is an Ubuntu 14.04...A Magento Craftsman in Melbourne