ssl证书结合Nginx搭建https站点(免费证书)

创建ssl证书

原文链接 https://segmentfault.com/a/11...
 $ mkdir -p /etc/nginx/ssl
 $ cd /etc/nginx/ssl
 $ openssl genrsa -idea -out server.key 1024
 $ openssl req -new -key server.key -out server.csr
 $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
注意要加过期时间,默认的有效期很短

Nginx 配置

  $ cd /etc/nginx/conf.d
  $ vim https.conf

输入以下内容

     server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  _;
        root         /usr/share/nginx/html;
        ssl_certificate "/etc/nginx/ssl/server.crt";
        ssl_certificate_key "/etc/nginx/ssl/server.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;
        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
        }

保存退出并重启nginx

因为我们的证书没有给相关机构认证,所以还是提示不安全,但是不影响我们测试使用。更多点击这里

你可能感兴趣的:(nginx,ssl证书,https)