nginx https配置手册

root 用户

1.yum install nginx

报错1:

Error: Package: nginx-1.10.3-1.el6.ngx.x86_64 (nginx)
Requires: libpcre.so.0()(64bit)

解决办法1:(6改为7)
 vi /etc/yum.repos.d/nginx.repo

如下:
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

报错2:

yum 无nginx

解决方法2:

更新yum

yum update
sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

重新安装

yum -y install nginx

2.whereis nginx 查看 nginx相关文件地址

nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz
(1) Nginx配置路径:/etc/nginx/
(2) PID目录:/var/run/nginx.pid
(3) 错误日志:/var/log/nginx/error.log
(4) 访问日志:/var/log/nginx/access.log
(5) 默认站点目录:/usr/share/nginx/html

访问127.0.0.1:80 能够成功访问到nginx服务器(默认端口80)

3.配置

前端html 目录 /usr/share/nginx/html

将前台代码放在该目录下

配置文件目录 /etc/nginx

conf.d 文件夹下的default.conf文件
修改端口:

listen       443;
server_name  127.0.0.1;
配置后端接口地址:
location /mine {
proxy_pass  http://192.168.11.12:30000/;
proxy_http_version 1.1;
proxy_redirect    off;
proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
proxy_set_header  X-Real-IP  $remote_addr;
proxy_set_header  Host $http_host;
proxy_buffering   off;

proxy_connect_timeout 3s;
proxy_read_timeout 12s;
proxy_send_timeout 3s;
}
将公钥、私钥copy到新建的/etc/nginx/cert目录下,添加配置
ssl on;
ssl_certificate   cert/214903846820743.pem;
ssl_certificate_key  cert/214903846820743.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

注:公私钥路径要能访问,若有权限问题,执行chmod命令设置文件夹权限

http重定向到https
if ($host ~* "^mine.longforcloud.com$") {
   rewrite ^/(.*)$ https://mine.longforcloud.com/ permanent;
}
刷新不会404
location / {
        root   /usr/share/nginx/html/dist;
        index  index.html index.htm;
        try_files $uri $uri/ /index.html;
}

4.linux命令

关闭防火墙
firewall-cmd --zone=public --add-port=48888/tcp --permanent //关闭端口48888防火墙
firewall-cmd --reload //重启防火墙
firewall-cmd --list-ports //查看关闭端口
nginx
cd  /usr/sbin/
./nginx -t //启动
./nginx -s reload //重启
ps -ef|grep nginx //看端口 
kill -9 “port”(master端口) //杀进程 
权限设置
chmod -R 777 /usr/share/nginx/html/

注:若出现报错,查看/var/log/nginx/error.log 下报错

5.本地配置hosts

192.168.11.202 mine.longforcloud.com

访问https://mine.longforcloud.com

你可能感兴趣的:(nginx https配置手册)