Configuring an HTTPS Certificate on an Nginx Server
1. Install the SSL module for Nginx
By default, nginx is installed without the SSL module.
[root@localhost nginx-1.20.0]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.20.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
configure arguments:
[root@localhost nginx-1.20.0]#
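Before installing the SSL module, back up the nginx files. The default installation directory is /usr/local/nginx; back up that folder.
Change into the directory where you extracted the nginx source. Note that this is the extracted source directory, not the nginx installation directory.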
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
1.2. Run make again
Next, run:
make
# Do not run make install, otherwise nginx will be reinstalled
1.3. Overwrite the old nginx executable
After the steps above complete, an objs folder appears in your directory, and it contains the nginx executable.
[root@localhost objs]# cp nginx /usr/local/nginx/sbin
cp: overwrite ‘/usr/local/nginx/sbin/nginx’? y
1.4. Verify that the SSL module was installed
[root@localhost objs]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.20.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
[root@localhost objs]#
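The SSL module is installed successfully.
2. Generate the SSL certificate
You can apply for a free certificate from Alibaba Cloud. Here I demonstrate how to generate an SSL certificate locally.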
[root@localhost stage]# openssl req -new -x509 -nodes -out server.crt -keyout server.key
Generating a 2048 bit RSA private key
................................................................................................+++
......................................................+++
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CH
State or Province Name (full name) []:HN
Locality Name (eg, city) [Default City]:CS
Organization Name (eg, company) [Default Company Ltd]:HHXD
Organizational Unit Name (eg, section) []:HHXD
Common Name (eg, your name or your server's hostname) []:dbmgr
Email Address []:xxxxxx@hxxxxe.com.cn
[root@localhost stage]# ll
total 101328
-rw-r--r--. 1 root root 1383 Jan 18 22:08 server.crt
-rw-r--r--. 1 root root 1704 Jan 18 22:08 server.key
[root@localhost stage]#
3. Configure the certificate
Edit the nginx.conf configuration file.
Reload the configuration file to complete the setup:
sbin/nginx -s reload
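
The page does not show the nginx.conf changes themselves. As an added example (not the author's configuration), here is a server block that uses the server.crt and server.key generated in section 2. The /usr/local/nginx/conf/ssl/ path and the HTTP redirect block are assumptions, and server_name is taken from the certificate's Common Name:

```nginx
# Added example: place inside the http { } block of /usr/local/nginx/conf/nginx.conf.
# Assumed: the certificate files were copied to /usr/local/nginx/conf/ssl/
# (hypothetical path); server_name matches the certificate's Common Name (dbmgr).

# Redirect plain HTTP to HTTPS so clients do not stay on the unencrypted port.
server {
    listen 80;
    server_name dbmgr;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name dbmgr;

    # Certificate and private key generated in section 2.
    # The listing above shows server.key as mode 0644 (world-readable);
    # restrict it with chmod 600, since the nginx master process reads it as root.
    ssl_certificate     /usr/local/nginx/conf/ssl/server.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/server.key;

    # This build links OpenSSL 1.0.2k, which has no TLS 1.3, so TLS 1.2 is
    # the only protocol enabled here; SSLv3, TLS 1.0 and TLS 1.1 stay off.
    ssl_protocols TLSv1.2;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers on;

    # Reuse TLS sessions to avoid a full handshake on every connection.
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;

    location / {
        root  html;
        index index.html index.htm;
    }
}
```

Check the file with /usr/local/nginx/sbin/nginx -t before reloading, so a syntax error or an unreadable key path is caught while the old configuration is still serving. Because the certificate is self-signed, clients will not trust it unless it is imported on the client side.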