Nginx安装HTTP SSL模块基本配置
1、编译安装
[root@bogon nginx-1.6.2]# ./configure --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-http_gzip_static_module [root@bogon nginx-1.6.2]# make [root@bogon nginx-1.6.2]# make install
nginx默认安装在 /usr/local/目录下。html
2、生成SSL证书
[root@bogon ssl]# openssl req -new -key junglone.com.key -out junglone.com.csr Enter pass phrase for junglone.com.key: You are about to be asked to enter information that will be incorporated to your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:China Locality Name (eg, city) [Default City]:Beijing Organization Name (eg, company) [Default Company Ltd]:junglone.com Organizational Unit Name (eg, section) []:junglone.com Common Name (eg, your name or your server's hostname) []:junglone.com Email Address []:admin@junglone.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: [root@bogon ssl]# openssl rsa -in junglone.com.key -out junglone.com_nopass.key Enter pass phrase for junglone.com.key: writing RSA key [root@bogon ssl]# ls junglone.com.csr junglone.com.key junglone.com_nopass.key [root@bogon ssl]# ll 总用量 12 -rw-r--r-- 1 root root 716 7月 22 13:17 junglone.com.csr -rw-r--r-- 1 root root 891 7月 22 13:18 junglone.com.key -rw-r--r-- 1 root root 963 7月 22 13:17 junglone.com_nopass.key [root@bogon ssl]#
按照以上方式自行颁发的SSL证书是不受浏览器信任的。推荐使用受浏览器信任的StartSSL免费SSL证书。nginx
申请地址:https://startssl.com浏览器
3、Nginx配置
server {
listen 443 ssl;
server_name localhost;
ssl on;
ssl_certificate /usr/local/nginx/ssl/1_junglone.com_bundle.crt;
ssl_certificate_key /usr/local/nginx/ssl/junglone.com_nopass.key;
location / {
root html;
index index.html index.htm;
}
}
4、验证
由于证书颁发给的是junglone.com,因此经过ip访问的时候是有安全提醒。安全
经过域名访问就能够看到清爽的小图标了。以下图:bash
参考资料: http://blog.zyan.cc/startssl/ui
相关文章
- 1. nginx 安装ssl模块
- 2. Nginx安装SSL模块
- 3. nginx 安装 ssl模块
- 4. nginx http SSL相关配置
- 5. Nginx下配置SSL模块(支持https)
- 6. Linux下nginx编译安装ssl模块
- 7. 安装配置nginx加载concat模块
- 8. nginx的yum安装,基本参数使用,编译参数说明和Nginx基本配置,模块安装
- 9. Nginx:管理HTTP模块的配置项
- 10. nginx http模块配置参数解读
- 更多相关文章...
- • Git 安装配置 - Git 教程
- • Docker 安装 Nginx - Docker教程
- • Composer 安装与使用
- • Kotlin学习(二)基本类型
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. eclipse设置粘贴字符串自动转义
- 2. android客户端学习-启动模拟器异常Emulator: failed to initialize HAX: Invalid argument
- 3. android.view.InflateException: class com.jpardogo.listbuddies.lib.views.ListBuddiesLayout问题
- 4. MYSQL8.0数据库恢复 MYSQL8.0ibd数据恢复 MYSQL8.0恢复数据库
- 5. 你本是一个肉体,是什么驱使你前行【1】
- 6. 2018.04.30
- 7. 2018.04.30
- 8. 你本是一个肉体,是什么驱使你前行【3】
- 9. 你本是一个肉体,是什么驱使你前行【2】
- 10. 【资讯】LocalBitcoins达到每周交易比特币的7年低点
欢迎关注本站公众号,获取更多信息
