nginx

Over-the-Air Updates to IoT Devices with NGINX .indented { padding-left: 50pt; } The Internet of Things (IoT) is already all around us – from voice‑activated devices to lights, coffee machines, and fridges – and we interact with it everyday in ways we don’t always realize. One of the biggest challenges in scaling IoT devices is device management, particularly over-the-air updates, commonly called OTA. OTA is critical to deploying new firmware to IoT devices; without it user intervention is required, either by the consumer or by a technician visiting (possibly literally) the device in the field. This post demonstrates how to use NGINX Open Source or NGINX Plus as an API gateway to deploy OTA updates to devices automatically. (For ease of reading, I’ll refer to NGINX throughout.) I’m using a simple API to handle the firmware versioning (so the devices know which version [ more… ]

Announcing NGINX Plus R18 h4 { font-weight:bolder; font-size:110%; } h5 { font-weight:bolder; font-size:110%; } We are pleased to announce that NGINX Plus Release 18 (R18) is now available. NGINX Plus is the only all-in-one load balancer, content cache, web server, and API gateway. Based on NGINX Open Source, NGINX Plus includes exclusive enhanced features and award‑winning support. R18 simplifies configuration workflows for DevOps and enhances the security and reliability of your applications at scale. More than 87% of websites now use SSL/TLS to encrypt communications over the Internet, up from 66% just three years ago. End-to-end encryption is now the default deployment pattern for websites and applications, and the explosion in SSL/TLS certificates means some companies are managing many thousands of certificates in production environments. This calls for a more flexible approach to deploying and configuring certificates. New in this release is support for [ more… ]

Secure Distribution of SSL Private Keys with NGINX This blog post describes several methods for securely distributing the SSL private keys that NGINX uses when hosting SSL‑encrypted websites. It explains: The standard approach for configuring SSL with NGINX, and the potential security limitations How to encrypt the keys using passwords that are stored separately from the NGINX configuration How to distribute the encryption passwords securely, avoiding disk storage, and then revoke them when needed For many deployments, the standard approach is sufficient. The two more sophisticated approaches discussed in this post block other ways an attacker can obtain SSL private keys. We’ll also look at a couple more techniques in follow‑up posts: Using third‑party secret stores such as Hashicorp Vault to securely distribute passwords Automating the provisioning of certificates from Vault to NGINX Plus’s key‑value store, so that private key material [ more… ]

Ask NGINX | March 2019 Last month, we launched a new blog series, Ask NGINX, where every month we share the expertise of our team by answering great questions we’ve received from both our customers and open source users. These questions range from how to use our products in a variety of use cases to how to effectively integrate third‑party tools and platforms with NGINX software. These answers come from our experts including technical architects, systems engineers, and our award‑winning customer support specialists. Can I use Nagios with NGINX Open Source and NGINX Plus? Yes. (For those who don’t know, Nagios is open source and commercially supported software for network, server, and application monitoring.) Nagios Exchange hosts NGINX plug‑ins from third‑party developers; the descriptions suggest they are for NGINX Open Source. For NGINX Plus customers, the NGINX Plus API outputs an extensive [ more… ]