[root@localhost cert]# yum install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel
[root@localhost nginx-1.12.2]# ./configure --prefix=/etc/nginx/ --with-openssl=/usr/bin/openssl --prefix=/etc/nginx --with-http_stub_status_module --with-http_ssl_module
[root@localhost nginx-1.12.2]# make
[root@localhost nginx-1.12.2]# make install
[root@localhost nginx-1.12.2]# vi ~root/.bash_profile 添加环境变量
export PATH=$PATH:/etc/nginx/sbin
[root@localhost nginx-1.12.2]# nginx //启动
[root@localhost nginx-1.12.2]# nginx -s reload //重新加载
[root@localhost nginx-1.12.2]# nginx -s stop //停止
生成证书(见 在Windows平台下自己生成crt证书_xxss120的博客-CSDN博客_生成crt证书)
nginx.conf ------------------------------
server {
listen 443;
server_name www.ehsure515.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
proxy_pass http://127.0.0.1:8080;
proxy_connect_timeout 120;
proxy_read_timeout 120;
proxy_send_timeout 120;
}
ssl on;
root html;
index index.html index.htm;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
}
## nginx 启动证书免密 ##
[root@localhost cert]# openssl rsa -in server.key -out server.key.unsecure
扫一扫
220
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
