Centos 6.5 Nginx 配置 https
来源:互联网 发布:sql注入测试 编辑:程序博客网 时间:2024/05/02 04:48
依赖包安装
yum install pcre pcre-devel openssl openssl-devel gcc gcc-c++ make vim ntp -y
下载nginx
wget http://nginx.org/download/nginx-1.10.1.tar.gz
解压
tar -zxvf nginx-1.10.1.tar.gz
创建用户
useradd -s /sbin/nologin -M www
编译nginx
cd nginx-1.10.1
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre --with-http_gzip_static_module --with-http_realip_module --with-http_sub_module
#########################################################################################
Nginx 编译参数
--user 指定启动程序所属用户
--group 指定组
--prefix 指定安装路径
--sbin-path 设置nginx二进制文件的路径名
--conf-path 指定配置文件路径
--error-log-path 错误日志文件路径
--http-log-path 指定访问日志文件路径
--http-client-body-temp-path 设置存储HTTP客户端请求主体的临时文件路径
--http-proxy-temp-path 设置存储HTTP代理临时文件的路径
--http-fastcgi-temp-path 设置存储HTTP fastcgi的临时文件的路径
--pid-path 设置nginx.pid文件路径
--lock-path 设置nginx.lock文件路径
--with-openssl 启用SSL
--with-pcre 启用正则表达式
--with-http_stub_status_module 安装可以监控nginx状态的模块
--with-http_ssl_module 启用SSL支持
--with-http_gzip_static_module 启用gzip压缩
#########################################################################################
make
make install
检查语法
/usr/local/nginx/sbin/nginx -t
创建服务器的原始SSL证书
cd /etc/pki/tls/certs
===========================================
make server.key
Enter pass phrase:# set passphrase
Verifying - Enter pass phrase:# confirm
===========================================
openssl rsa -in server.key -out server.key
Enter pass phrase for server.key:# input passphrase
writing RSA key
===========================================
make server.csr
Country Name (2 letter code) [XX]:CN # country
State or Province Name (full name) [e]:HZ # state
Locality Name (eg, city) [Default City]:HiZ # city
Organization Name (eg, company) [Default Company Ltd]:CTS # company
Organizational Unit Name (eg, section) []:Server # department
Common Name (eg, your server's hostname) []:Server # server's FQDN
Email Address []:***@***.cn # email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:# Enter
An optional company name []:# Enter
======================================================================================
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
赋予权限
chmod 400 server.*
配置现有默认站点以访问正常连接和SSL加密连接。
vim /usr/local/nginx/conf/nginx.conf
# add like follows in a "server" section
35 server {
36 #listen 80;
37 listen 443 ssl;
38 ssl on;
39 ssl_certificate /etc/pki/tls/certs/server.crt;
40 ssl_certificate_key /etc/pki/tls/certs/server.key;
41 server_name localhost;
创建nginx启动脚本
vi /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 18 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN=" /usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
#Source networking configuration
. /etc/sysconfig/network
# Check networking is up
[ ${NETWORKING} = "no" ] && exit 0
[ -x $NGINX_SBIN ] || exit 0
start() {
echo -n $"Starting $prog: "
touch /var/lock/subsys/nginx
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /var/lock/subsys/nginx /var/run/nginx.pid
RETVAL=$?
echo
return $RETVAL
}
reload(){
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
configtest(){
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
赋予nginx脚本权限
chmod 755 /etc/init.d/nginx
启动nginx
service nginx start
设置nginx开机启动
chkconfig --add nginx
chkconfig nginx on
查看nginx版本
nginx -v
查看nginx进程和端口号
netstat -ntlp | grep nginx
测试nginx访问
在浏览器输入https://IP/
重启nginx
service nginx restart
yum install pcre pcre-devel openssl openssl-devel gcc gcc-c++ make vim ntp -y
下载nginx
wget http://nginx.org/download/nginx-1.10.1.tar.gz
解压
tar -zxvf nginx-1.10.1.tar.gz
创建用户
useradd -s /sbin/nologin -M www
编译nginx
cd nginx-1.10.1
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre --with-http_gzip_static_module --with-http_realip_module --with-http_sub_module
#########################################################################################
Nginx 编译参数
--user 指定启动程序所属用户
--group 指定组
--prefix 指定安装路径
--sbin-path 设置nginx二进制文件的路径名
--conf-path 指定配置文件路径
--error-log-path 错误日志文件路径
--http-log-path 指定访问日志文件路径
--http-client-body-temp-path 设置存储HTTP客户端请求主体的临时文件路径
--http-proxy-temp-path 设置存储HTTP代理临时文件的路径
--http-fastcgi-temp-path 设置存储HTTP fastcgi的临时文件的路径
--pid-path 设置nginx.pid文件路径
--lock-path 设置nginx.lock文件路径
--with-openssl 启用SSL
--with-pcre 启用正则表达式
--with-http_stub_status_module 安装可以监控nginx状态的模块
--with-http_ssl_module 启用SSL支持
--with-http_gzip_static_module 启用gzip压缩
#########################################################################################
make
make install
检查语法
/usr/local/nginx/sbin/nginx -t
创建服务器的原始SSL证书
cd /etc/pki/tls/certs
===========================================
make server.key
Enter pass phrase:# set passphrase
Verifying - Enter pass phrase:# confirm
===========================================
openssl rsa -in server.key -out server.key
Enter pass phrase for server.key:# input passphrase
writing RSA key
===========================================
make server.csr
Country Name (2 letter code) [XX]:CN # country
State or Province Name (full name) [e]:HZ # state
Locality Name (eg, city) [Default City]:HiZ # city
Organization Name (eg, company) [Default Company Ltd]:CTS # company
Organizational Unit Name (eg, section) []:Server # department
Common Name (eg, your server's hostname) []:Server # server's FQDN
Email Address []:***@***.cn # email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:# Enter
An optional company name []:# Enter
======================================================================================
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
赋予权限
chmod 400 server.*
配置现有默认站点以访问正常连接和SSL加密连接。
vim /usr/local/nginx/conf/nginx.conf
# add like follows in a "server" section
35 server {
36 #listen 80;
37 listen 443 ssl;
38 ssl on;
39 ssl_certificate /etc/pki/tls/certs/server.crt;
40 ssl_certificate_key /etc/pki/tls/certs/server.key;
41 server_name localhost;
创建nginx启动脚本
vi /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 18 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN=" /usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
#Source networking configuration
. /etc/sysconfig/network
# Check networking is up
[ ${NETWORKING} = "no" ] && exit 0
[ -x $NGINX_SBIN ] || exit 0
start() {
echo -n $"Starting $prog: "
touch /var/lock/subsys/nginx
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /var/lock/subsys/nginx /var/run/nginx.pid
RETVAL=$?
echo
return $RETVAL
}
reload(){
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
configtest(){
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
赋予nginx脚本权限
chmod 755 /etc/init.d/nginx
启动nginx
service nginx start
设置nginx开机启动
chkconfig --add nginx
chkconfig nginx on
查看nginx版本
nginx -v
查看nginx进程和端口号
netstat -ntlp | grep nginx
测试nginx访问
在浏览器输入https://IP/
重启nginx
service nginx restart
0 0
- Centos 6.5 Nginx 配置 https
- centos的nginx+https配置
- centos配置https(nginx,apache)
- centos nginx配置https访问
- CentOS下Nginx的HTTPS配置
- Centos Nginx搭建https
- 记一次线上centOS服务器,nginx的https配置
- CentOS-6.5安装配置Nginx
- CentOS 6.5安装配置Nginx
- centos 6.5 nginx服务器配置
- Nginx(12):nginx配置https
- nginx 配置https server
- nginx 配置https
- Nginx 配置 https 加密
- Nginx配置https服务器
- Ubuntu nginx 配置https
- nginx https配置
- nginx配置https
- new String(request.getParameter("newdefrayItem").getBytes("iso-8859-1"),"GBK")
- gitlab安装配置
- 『机器学习』评估方法
- 第八章 评估推理关系(二)
- tp模板中控制字数
- Centos 6.5 Nginx 配置 https
- Java实现Base64算法
- grid++ 获取参数(给动态报表固定字段赋值)
- 一个java高级工程师的进阶之路【转】
- reactor模式C++实现
- Java笔记---初试云服务器
- python组织文件知识点
- c++第五次作业
- PE文件结构详解(一)基本概念