How do I obtain a certificate for a hidden service？Just like getting HTTPS certificates. Do you have any sample code?
(also see: Tor Project | HTTPS for your onion service)
attached a complete nginx config and torrc which uses unix sockets.
Unfortunately, the files are not accepted when uploading. Therefore here the link:
To make sure that nginx restarts correctly, you have to create the file
override.conf in the folder
/etc/systemd/system/nginx.service.d/ and add the following content:
[Service] ExecStop= ExecStop=-/sbin/start-stop-daemon \ --quiet \ --stop \ --retry TERM/5 \ --pidfile /run/nginx.pid
One more important piece of info. In my nginx config is a section
request_method which ensures that only GET and HEAD is allowed. If you need more, like PUT or POST etc you have to add that.