nginx-1.21.0安装及SSL配置


nginx-1.21.0安装及SSL配置笔记记录
之前参照其他文章nginx配置https都好坑啊,,零零散散的总结一下,,也当作参考吧



1. 官网下载

https://nginx.org/en/download.html
xiazai


2. 上传

上传到 /usr/local/ 下 ,(目录自定义)


3. 解压

tar -zxvf nginx-1.21.0.tar.gz

4. 进入nginx-1.21.0目录

cd /usr/local/nginx-1.21.0

5. 安装依赖

yum install gcc-c++
yum install -y openssl openssl-devel
yum install -y pcre pcre-devel
yum install -y zlib zlib-devel

6. 使用nginx默认配置

./configure

7. 编译安装

make install

会在/usr/local/ 生成一个nginx目录。


8. 配置SSL

(也是在nginx1.21.0目录下执行)

./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
cp ./objs/nginx /usr/local/nginx/sbin/

8.1 修改配置文件

进入 编译生成 的nginx的conf配置文件 /usr/local/nginx/conf 下的 nginx.conf文件

cd /usr/local/nginx/conf
vi nginx.conf

配置文件详情如下:

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
    			# 监听端口
        listen       80;
        		# 域名名称
        server_name  axz.xz.cn;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
        			#项目的路径
            root   html/shaw0916-home;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    server {
        listen       443 ssl;
        			#域名名称
        server_name  axz.xz.cn;
								#证书位置(我这是在conf下新建了一个ssl文件放这两个文件)
        ssl_certificate      ssl/axz.xz.cn.crt;
        						#密钥位置
        ssl_certificate_key  ssl/axz.xz.cn.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
        			#项目路径
            root   html/shaw0916-home;
        }
    }

}


9.检测:

./sbin/nginx -t

检测


10. 重新加载配置文件:

/usr/local/nginx/sbin/nginx -s reload

11. 启动nginx

进入sbin路径

cd /usr/local/nginx/sbin
./nginx

12. 查看进程:

ps aux|grep nginx

然后https访问项目,没啥问题


13. 错误记录及解决:

错误
问题: 证书路径错误,找不到
解决:去配置文件改一下证书路径就行


END


  • 1
    点赞
  • 0
    评论
  • 2
    收藏
  • 打赏
    打赏
  • 扫一扫,分享海报

©️2022 CSDN 皮肤主题:岁月 设计师:pinMode 返回首页

打赏作者

5axz

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值