安装nginx,配置https

nginx安装

下载nginx:下载地址
上传到/opt目录
解压nginx,并进入解压后到目录

cd /opt
tar -zxvf nginx-1.25.2.tar.gz
cd nginx-1.25.2

编译(with-http_ssl_module为https模块)

./configure --with-http_ssl_module

安装

make install

默认的安装目录为:/usr/local/nginx

  • 启动Nginx
./nginx
  • 重启Nginx
./nginx -s reload
  • 关闭Nginx
./nginx -s stop

生成https自签名证书,如果是公网域名,可以申请阿里云免费证书

创建证书目录,并进入该目录

mkdir /usr/local/nginx/cert
cd /usr/local/nginx/cert

生成私钥

openssl genrsa -out server.key 2048

生成公钥

openssl req -new -key server.key -out server.csr

生成证书

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

配置nginx https

vim /usr/local/nginx/conf/nginx.conf

添加以下内容

server {
        listen       443 ssl;
        server_name  localhost;

		# https证书
        ssl_certificate      /usr/local/nginx/cert/server.crt;
        ssl_certificate_key  /usr/local/nginx/cert/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        # 代理地址
        location / {
           proxy_pass http://localhost:8848/;
        }
 }

你可能感兴趣的:(nginx,https,运维)