nginx配置https加密访问的详细教程

  yum -y install wget gcc gcc-c++ pcre-devel openssl-devel

   wget http://nginx.org/download/nginx-1.19.0.tar.gz

  [root@localhost ~]# tar xf nginx-1.19.0.tar.gz   [root@localhost ~]# cd nginx-1.19.0  [root@localhost nginx-1.19.0]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install

  [root@localhost nginx-1.19.0]# cd /usr/local/nginx/  [root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx

  [root@localhost nginx]# mkdir sslkey  [root@localhost nginx]# cd sslkey/  [root@localhost sslkey]# openssl genrsa -des3 -out server.key 1024

  [root@localhost sslkey]# openssl req -new -key server.key -out server.csr

  [root@localhost sslkey]# openssl req -x509 -days 3650 -key server.key -in server.csr > server.crt

  [root@localhost sslkey]# openssl rsa -in server.key -out server.key.unsecure

  [root@localhost conf]# pwd  /usr/local/nginx/conf  [root@localhost conf]# vim nginx.conf

  server {    listen  443;    server_name localhost;    ssl_certificate   /usr/local/nginx/sslkey/server.crt;    ssl_certificate_key  /usr/local/nginx/sslkey/server.key.unsecure;    ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;    ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    ssl_prefer_server_ciphers on;

  [root@localhost conf]# nginx  [root@localhost conf]# ss -nltp|grep 443  LISTEN  0  128   *:443      *:*     users:(("nginx",pid=25949,fd=6),("nginx",pid=25948,fd=6))

您可能感兴趣的文章: