Ubuntu下配置Nginx HTTPS
来源:互联网 发布:a站数据 编辑:程序博客网 时间:2024/06/15 15:56
在安装redmine的时候考虑到安全性的问题,所以决定使用nginx配置https连接。
如何安装redmine:http://blog.csdn.net/marujunyy/article/details/8865857
下面记录下Nginx配置HTTPS的方法:
1、首先确认Nginx支持OpenSSL模块 : sudo /opt/nginx/sbin/nginx -V
nginx version: nginx/1.4.0built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) TLS SNI support enabledconfigure arguments: --prefix=/opt/nginx --with-http_ssl_module --with-http_gzip_static_module --with-cc-opt=-Wno-error --with-pcre=/tmp/root-passenger-19175/pcre-8.31 --add-module=/var/lib/gems/1.8/gems/passenger-3.0.19/ext/nginx
如果没有发现–with-http_ssl_module这个编译参数,说明不支持。Nginx默认是不支持SSL的,需要加入–with-http_ssl_module参数重新编译。
2、生成自签名证书: sudo apt-get install openssl
cd /opt/nginx/confsudo openssl genrsa -des3 -out server.key 1024sudo openssl req -new -key server.key -out server.csrsudo openssl rsa -in server.key -out server_nopwd.keysudo openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt我只在第一步生成server.key的时候设置了密码。我为了省事除了在需要验证密码的时候需要输入第一步设置的密码外,在其他的地方一路回车。当然你也可以输入详细的信息:
proto@ubuntu:~$ sudo openssl req -new -key server.key -out server.csrEnter pass phrase for server.key: ←输入第一步中生成server.key时设置的密码You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [AU]:CN ←输入国家代码State or Province Name (full name) [Some-State]:CHONGQING ← 输入省名Locality Name (eg, city) []:CHONGQING ←输入城市名Organization Name (eg, company) [Internet Widgits Pty Ltd]:MIKE ← 输入公司名Organizational Unit Name (eg, section) []:MIKE ← 输入组织单位名Common Name (eg, YOUR name) []:www.mike.me ← 输入主机名Email Address []:easylife206@gmail.com ←输入电子邮箱地址
3、配置Nginx HTTPS访问:
server { listen 443; server_name 192.168.1.112; root /srv/www; index index.php index.html index.htm; location /redmine { root /var; passenger_enabled on; passenger_base_uri /redmine; } location /phpmyadmin { alias /srv/www/phpmyadmin; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /srv/www/$fastcgi_script_name; include fastcgi_params; } ssl on; ssl_certificate /opt/nginx/conf/server.crt; ssl_certificate_key /opt/nginx/conf/server_nopwd.key; rails_spawn_method smart; rails_app_spawner_idle_time 0; rails_framework_spawner_idle_time 0; client_max_body_size 120m; }
OK,然后我们重新加载下nginx配置文件: sudo /opt/nginx/sbin/nginx -s reload
现在我们输入:https://serverIP/redmine/login 就可以访问了:
- Ubuntu下配置Nginx HTTPS
- Ubuntu下Nginx配置Https
- Ubuntu 16.04下配置Nginx HTTPS
- Ubuntu nginx 配置https
- ubuntu nginx 配置 https
- nginx下配置https
- ubuntu nginx配置https服务器
- Nginx下的https配置
- windwos下Nginx配置https
- nginx 下https配置实现
- Centos7下nginx配置https
- Ubuntu下配置nginx
- ubuntu利用nginx配置https服务器
- https搭建:ubuntu nginx配置 SSL证书
- https搭建:ubuntu nginx配置 SSL证书
- Ubuntu下配置Apache HTTPS
- Ubuntu下配置Apache HTTPS
- ubuntu下安装nginx,支持https
- MyEclipse设置注释格式
- IOS持久化存储
- cadence的allegro有5种类型的封装
- 十大界面原型与布局工具
- 网站分析流程:监测和优化
- Ubuntu下配置Nginx HTTPS
- 解决 CentOS 6.4 yum不能更新升级的问题
- Google Analytics 网站分析中的退出率与跳出率分析
- android开发步步为营之6:客户端通过tcp和服务端进行交互
- C#利用反射来加载程序集,并调用程序集中有关类的方法
- unicode、utf-8、ansi的故事
- CentOS下升级系统 yum update命令 自己配置更新源
- Oracle Fusion Middleware Ⅱ: Weblogic、UCM、WebCenter Portal
- 利用数据细分目标客户群