CentOS Nginx搭建https测试环境

最新推荐文章于 2023-02-24 15:35:21 发布

Johnston_man

最新推荐文章于 2023-02-24 15:35:21 发布

阅读量530

点赞数 1

分类专栏： nginx ssl https 文章标签： nginx centos https ssl

版权声明：本文为博主原创文章，遵循 CC 4.0 BY-SA 版权协议，转载请附上原文出处链接和本声明。

本文链接：https://blog.csdn.net/Johnston_man/article/details/78542648

版权

nginx 同时被 3 个专栏收录

6 篇文章 0 订阅

订阅专栏

1 篇文章 0 订阅

订阅专栏

1 篇文章 0 订阅

订阅专栏

1.查看是否已经安装 ssl 组件

[root@localhost wwwlogs]# cd /usr/local/nginx/sbin/

[root@localhost sbin]# ./nginx -V

nginx version: nginx/1.0.15

built by gcc 4.1.2 20080704 (Red Hat 4.1.2-52)

TLS SNI support disabled

configure arguments: --user=www --group=www--prefix=/usr/local/nginx --with-http_stub_status_module--with-http_ssl_module --with-http_gzip_static_module--with-ipv6

如果已经有了 http_ssl_module 则表示已经安装.若没有, 则要重新编译一安装nginx

2.生成 key (在/usr/local/nginx/conf目录下可以是/usr/local/nginx/conf/xxx)

[root@localhost sbin]# cd /usr/local/nginx/conf/

[root@localhost conf]# openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus

.......++++++

..........................................++++++

e is 65537 (0x10001)

Enter pass phrase for server.key: abcd

Verifying - Enter pass phrase for server.key: abcd

3.生成证书

[root@localhost conf]# openssl req -new -key server.key -out server.csr

Enter pass phrase for server.key: abcd

You are about to be asked to enter information that will beincorporated

into your certificate request.

What you are about to enter is what is called a DistinguishedName or a DN.

There are quite a few fields but you can leave someblank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [GB]: CN

State or Province Name (full name) [Berkshire]: beijing

Locality Name (eg, city) [Newbury]: chaoyang

Organization Name (eg, company) [My Company Ltd]: test

Organizational Unit Name (eg, section) []: web

Common Name (eg, your name or your server's hostname)[]: test

Email Address []: test@test.cn

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []: 1qazxsw23edc

An optional company name []: testcomp

[root@localhost conf]# cp server.key server.key.org

[root@localhost conf]# openssl rsa -in server.key.org -out server.key

Enter pass phrase for server.key.org: abcd

writing RSA key

[root@localhost conf]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Signature ok

subject=/C=CN/ST=beijing/L=chaoyang/O=easymobi/OU=web/CN=sunyu/emailAddress=sunyu@easymobi.cn

Getting Private key

4.配置 nginx

在配置文件中加入:

server

{

listen 443;

server_name test.test.cn;

index index.html index.htm index.php;

root /home/wwwroot/vegtest/;

ssl on;

ssl_certificate /usr/local/nginx/conf/server.crt;

ssl_certificate_key /usr/local/nginx/conf/server.key;

}

此处注意 :

1 只能有一个https域名的配置如果多个把原先的加#号注释掉

2 /etc/hosts文件 windows下的hosts文件指向域名的 ip地址

5.重启nginx服务

[root@localhost conf]# service nginx restart

然后访问 https://test.test.cn 即可看到效果.

关注

1
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
CentOS Nginx搭建https测试环境

1.查看是否已经安装 ssl 组件[root@localhost wwwlogs]# cd /usr/local/nginx/sbin/[root@localhost sbin]# ./nginx -Vnginx version: nginx/1.0.15built by gcc 4.1.2 20080704 (Red Hat 4.1.2-52)TLS SNI suppor
复制链接

扫一扫

专栏目录

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。