centos7 nginx ssl

qq_43318108

于 2019-09-24 11:05:31 发布

阅读量139

点赞数

分类专栏：网站搭建文章标签： centos7 nginx ssl证书

本文链接：https://blog.csdn.net/qq_43318108/article/details/101271731

版权

网站搭建专栏收录该内容

1 篇文章 0 订阅

订阅专栏

基于nginx搭建个人网站（博客），获取证书（ssl）（以下内容仅供参考，如有错误请指出）

准备 LNMP 环境

安装 Nginx

使用 yum 安装 Nginx：

yum install nginx -y

修改 /etc/nginx/conf.d/default.conf

cd /etc/nginx		#切换路径

ls    #查看当前路径的文件

找到nginx.conf

重点：先进行备份

cp nginx.conf cp_nginx.conf

vim nginx.conf

按 i进入编辑模式

修改配置文件

server {
    listen       80 default_server;
    # listen       [::]:80 default_server;
    server_name  _;
    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }

}

修改完后按 Esc退出编辑模式再按（ Shift+；），最后输入（wq）按回车即修改配置文件成功

修改完后，启动Nginx：

nginx

此时就可以访问自己的http服务了（http://（自己的ip或域名））

设置Nginx开机自启

chkconfig nginx on

安装mysql

使用yum命令安装MySQL：

yum install mysql-server -y

安装完后启动MySQL服务：

service mysqld restart

设置MySQL账户root密码

/usr/bin/mysqladmin -u root password '你自己想要设置的密码'

设置开机自启

chkconfig mysqld on

安装PHP

使用yum安装PHP：

yum install php-fpm php-mysql -y

安装之后启动PHP-FPM进程：

service php-fpm start

启动之后查看PHP-FPM进程监听的端口号

netstat -nlpt | grep php-fpm

设置PHP-FPM开机自启：

chkconfig php-fpm on

安装配置WordPress

yum install wordpress -y

进入数据库

mysql -uroot --password='数据库密码'

为WordPress创建一个数据库

CREATE DATABASE wordpress;

退出数据库

exit

设置WordPress配置文件，切换路径，备份配置文件，修改配置文件，保存并退出

cd /etc/wordpress
ls
cp wp-config.php cp_wp-config.php
vim wp-config.php

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'root');

/** MySQL database password */
define('DB_PASSWORD', 'MyPas$word4Word_Press');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * See http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7
 */

/* Disable all file change, as RPM base installation are read-only */
define('DISALLOW_FILE_MODS', true);

/* Disable automatic updater, in case you want to allow
   above FILE_MODS for plugins, themes, ... */
define('AUTOMATIC_UPDATER_DISABLED', true);

/* Core update is always disabled, WP_AUTO_UPDATE_CORE value is ignore */

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
    define('ABSPATH', '/usr/share/wordpress');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

配置Nginx

在/etc/nginx下创建wordpress.conf 配置

cd /etc/nginx/

server {
    listen 80;
    root /usr/share/wordpress;
    location / {
        index index.php index.html index.htm;
        try_files $uri $uri/ /index.php index.php;
    }
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ .php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}

配置号后重新加载Nginx

nginx -s reload

此时Nginx已经配置好了接下来就开始配置ssl证书

首先进入自己的腾讯云服务器，在左上角点击“云产品”，搜索栏中搜索ssl证书然后点击进入，你可以选择购买证书或者申请免费证书，我这里提供的是申请免费证书，点击申请免费证书，跳转页面后直接确定，然后填写自己的真实信息（中间有一个DNS验证，如果不会就选择自动验证），提交后等待短信通知，证书申请成功后，进入证书列表将证书下载到本地

不过不理解可以参照该网页的申请方法，再根据自己的情况稍微修改一点就可以了：https://www.cnblogs.com/phper12580/p/8777748.html

证书申请完后将公钥和私钥上传到自己的服务器上，上传工具我这里用的是WinSCP（操作简单）

将公钥放在/root/etc/pki/nginx 中（如果没有文件夹就创建），私钥放在/root/etc/pki/nginx /private中（该步骤为后面配置的修改做铺垫）

现在开始修改配置文件

切换路径到nginx

cd /etc/nginx

查看目录下的文件

ls

如果目录下有nginx.conf文件就可以继续下面操作

vim nginx.conf

如果没有则查找该文件

find nginx.conf

先对配置文件进行备份（好习惯才能少走弯路）

cp nginx.conf cp_nginx.conf

找到后进行编辑



    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  请输入你的域名;
        rewrite ^(.*)$ https://$host$1 permanent;	#http自动跳转https
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.

    server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  请输入你的域名;
        root         /usr/share/nginx/html;

        ssl_certificate "/etc/pki/nginx/server.crt（你的公钥文件名）";				#公钥路径
        ssl_certificate_key "/etc/pki/nginx/private/server.key（你的私钥文件名）";		#私钥路径
        
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

}

修改后保存并退出，上面有该步骤

重启服务器

systemctl restart nginx.service

此时就应该可以访问你自己的网页了，可以通过WinSCP将自己写的网页上传到/usr/share/nginx/html下面刷新一下就可以了

qq_43318108

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
centos7 nginx ssl

基于nginx搭建个人网站（博客），获取证书（ssl）（以下内容仅供参考，如有错误请指出）准备 LNMP 环境安装 Nginx使用 yum 安装 Nginx：yum install nginx -y修改 /etc/nginx/conf.d/default.confcd /etc/nginx #切换路径ls #查看当前路径的文件找到nginx.conf重点：先进行...
复制链接

扫一扫