首先环境准备...SSL模块支持...依赖编译C++包安装检查...
安装nginx依赖模块gzlib,pcre,ssl
- yum -y install gzlib-devel pcre-devel openssl-devel
- cd /opt/tmp //进入要安装的目录
- wget http://nginx.org/download/nginx-1.12.1.tar.gz
- && tar xzvf nginx-1.12.1.tar.gz && cd /opt/tmp/nginx-1.12.1/
-
- ./configure --prefix=/opt/webserver/nginx-1.12.1
- && make && make install //编译Nginx
如果执行到这一步报 ./configure: error: C compiler cc is not found
执行 下面的命令就行了。
#>firewall-cmd --zone=public --add-port=80/tcp 如果报错 FirewallD is not running 执行
systemctl start firewalld 开启防火墙即可
#>firewall-cmd --reload
到此为止Nginx安装就完成了,接下来修改配置,nginx/nginx.conf
指向用户user root;
配置tomcat
server {
listen 80;
server_name 你的域名;
index index.html index.shtml;
root /index.html;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root 网站根目录;
index index.html index.htm index.shtml;
}
location /upload {
root 文件目录;
}
listen 80;
server_name 你的域名;
index index.html index.shtml;
root /index.html;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root 网站根目录;
index index.html index.htm index.shtml;
}
location /upload {
root 文件目录;
}
到此为止,正常的配置就搞定啦。
有些网站内容需要加密处理,则需要配置SSL证书,我这里用的腾讯云,先去申请一个免费证书,怎么申请,
这里就不作介绍了,自己去腾讯云搜索,有教程。
申请完SSL证书后,下载下来拷贝俩个文件(1_pyitv.com_bundle.crt;证书)(2_pyitv.com.key 秘钥)到nginx,其他目录也行。
然后配置 nginx.conf
server {
listen 443;
server_name localhost;
ssl on;
index index.shtml login.shtml index.html index.htm;
ssl_certificate xxx/1_pyitv.com_bundle.crt;
ssl_certificate_key xxx/2_pyitv.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /upload {
root /文件保存的路径;
}
location / {
root /网站根目录;
index index.html index.htm index.shtml;
}
}
listen 443;
server_name localhost;
ssl on;
index index.shtml login.shtml index.html index.htm;
ssl_certificate xxx/1_pyitv.com_bundle.crt;
ssl_certificate_key xxx/2_pyitv.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /upload {
root /文件保存的路径;
}
location / {
root /网站根目录;
index index.html index.htm index.shtml;
}
}
好啦,这样就完成所有配置啦,然后重启Nginx,如果启动报错
nginx: [emerg] unknown directive "ssl" in /xxxxxx/conf/nginx.conf:105
解决方法: ./configure --prefix=/opt/webserver/nginx-1.12.1 --with-http_ssl_module && make && make install
重新编译SSL到Nginx就行了
扫一扫
48万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
