Updated SSL configuration instructions (https)

docs/RTL_SSL_setup.md

@@ -1,23 +1,25 @@
 ### Setup https access for RTL
 
-Forward the ports 80 and 3002 on the router to the device running RTL.  
+Forward the ports 80 and 3002 on the router to the device running RTL.
 Allow the ports through the firewall of the device.
 
 Install Nginx:
 https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
+On Debian based distros:
+    $> sudo apt install nginx
 
-Install certbot to acquire the ssl certificate:
-https://certbot.eff.org
+nginx default config file is at /etc/nginx/nginx.conf. You will need it.
 
+Install, if needed, openssl
+On Debian based distros:
+    $> sudo apt install openssl
 
-Add the following line at the very top of nginx.conf: 
-load_module /usr/lib/nginx/modules/ngx_stream_module.so;
+Create a self certificate with openssl
+    $> openssl req -newkey rsa:4096 -x509 -sha512 -days 365 -nodes -out /path/to/some/folder/rtl-cert.crt -keyout /path/to/some/folder/rtl-cert.key 
 
 
 Sample configuration to be inserted in the nginx.conf (adjust the path and filename of your certificate and key):
 
-
-
     stream {
             upstream RTL {
                     server 127.0.0.1:3000;
@@ -27,11 +29,11 @@ Sample configuration to be inserted in the nginx.conf (adjust the path and filen
                     listen 3002 ssl;
                     proxy_pass RTL;
 
-                    ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
-                    ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
+                    ssl_certificate /path/to/some/folder/rtl-cert.crt;
+                    ssl_certificate_key /path/to/some/folder/rtl-cert.key;
                     ssl_session_cache shared:SSL:1m;
                     ssl_session_timeout 4h;
-                    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+                    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # this line works for me with only TLSv1.2
                     ssl_prefer_server_ciphers on;
             }
     }