nginx安装、配置https，即使用ssl

selectDele

已于 2022-06-16 11:54:45 修改

阅读量1.1k

点赞数

分类专栏：软件安装文章标签： centos nginx

于 2021-06-10 18:31:00 首次发布

本文链接：https://blog.csdn.net/selectDele/article/details/117788152

版权

软件安装专栏收录该内容

17 篇文章 1 订阅

订阅专栏

linux centos7安装nginx

Install the prerequisites:

sudo yum install yum-utils

To set up the yum repository, create the file named /etc/yum.repos.d/nginx.repo with the following contents:

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

By default, the repository for stable nginx packages is used. If you would like to use mainline nginx packages, run the following command:

sudo yum-config-manager --enable nginx-mainline

To install nginx, run the following command:

sudo yum install nginx

When prompted to accept the GPG key, verify that the fingerprint matches 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62, and if so, accept it.

安装完后，rpm -qa | grep nginx 查看

启动nginx：systemctl start nginx

加入开机启动：systemctl enable nginx

查看nginx的状态：systemctl status nginx

从容停止服务
这种方法较stop相比就比较温和一些了，需要进程完成当前工作后再停止。

nginx -s quit

立即停止服务
这种方法比较强硬，无论进程是否在工作，都直接停止进程。

nginx -s stop

systemctl 停止
systemctl属于Linux命令

systemctl stop nginx.service

killall 方法杀死进程
直接杀死进程，在上面无效的情况下使用，态度强硬，简单粗暴！

killall nginx

默认情况下使用yum安装的nginx包含ssl模块

接下来就是配置ssl

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
     
     gzip  on;
     gzip_min_length 1k;
     gzip_buffers 4 16k;
     #gzip_http_version 1.0;
     gzip_comp_level 9;
     gzip_types text/plain application/x-javascript application/css  text/css application/xml text/javascript application/x-httpd-php image/jpeg image/jpg image/gif image/png  application/json;
     gzip_vary off;
     gzip_disable "MSIE [1-6]\.";
   
    
    server {
     	   listen	   443 ssl;
	    
	       server_name  sudo.sss.com.cn;

	       ssl_certificate /etc/nginx/SSL/1_sudo.sss.com.cn_bundle.crt;#https安全证书
	       ssl_certificate_key /etc/nginx/SSL/2_sudo.sss.com.cn.key;#https秘钥
	       ssl_session_timeout 20m;
 	       ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
 	       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 	       ssl_prefer_server_ciphers on;
 	       ssl_verify_client off;

	       location /gais {
		        add_header 'Access-Control-Allow-Origin' '$http_origin';
		        add_header 'Access-Control-Allow-Credentials' 'true';
		        add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
		        add_header 'Access-Control-Allow-Headers' 'Content-Type,*';
		        proxy_pass http://127.0.0.1:8080;
           }

           location /api {
                proxy_pass http://127.0.0.1:8090;
           }

	       location / {
	 	        rewrite ^((?!(\.js|\.css|\.jpg|\.png|\.woff)$).)*$ /index.html break;
                add_header 'Access-Control-Allow-Origin' '$http_origin';
                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'Content-Type,*';
                root   /nginxHtml/neighborhoodBackstage/build;
                index  index.html index.htm;
           }

           error_page   500 502 503 504  /50x.html;
           location = /50x.html {
                root  /nginxHtml;
           }
     }

    server {
        listen       8082;
        server_name  localhost;
        location / {
            add_header 'Access-Control-Allow-Origin' '$http_origin';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Content-Type,*';
            root   /nginxHtml/backstage/build;
            index  index.html index.htm;
          }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root  /nginxHtml;
        }
     }

    server {
        listen       8093;
        server_name  localhost;
        location / {
		rewrite ^((?!(\.js|\.css|\.jpg|\.png|\.woff)$).)*$ /index.html break;
            add_header 'Access-Control-Allow-Origin' '$http_origin';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Content-Type,*';
            root   /nginxHtml/potato;
            index  index.html index.htm;
          }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root  /nginxHtml;
        }
     }

}

默认日志路径/var/log/nginx/access.log

问题：

1、出现报错 nginx: [error] invalid PID number "" in "/var/run/nginx.pid"？

执行以下即可