Centos下nginx支持https协议
2015-05-12 23:42
281 查看
1、首先配置nginx及其他插件,这个Google下,很多配置方案。
2、配置服务器的证书。操作步骤如下:
3、配置nginx的conf文件
我测试机器的nginx是安装在 /data/server/nginx目录下,配置文件在 /data/server/nginx/conf/目录下。
ssl部分的配置如下
重新加载配置文件。
4、打开Centos自带iptables的443端口
增加一行
重启iptables服务。
2、配置服务器的证书。操作步骤如下:
[root@localhost ~]# cd /etc/pki/tls/certs [root@localhost certs]# make server.key umask 77 ; \ /usr/bin/openssl genrsa -aes128 2048 > server.key Generating RSA private key, 2048 bit long modulus ......................................................++++++ .............++++++ e is 61251 (0x10001) Enter pass phrase:# set passphrase Verifying - Enter pass phrase:# confirm # remove passphrase from private key [root@localhost certs]# openssl rsa -in server.key -out server.key Enter pass phrase for server.key:# input passphrase writing RSA key [root@localhost certs]# [root@localhost certs]# make server.csr umask 77 ; \ /usr/bin/openssl req -utf8 -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN #country State or Province Name (full name) [e]:Beijing #state Locality Name (eg, city) [Default City]:Beijing #city Organization Name (eg, company) [Default Company Ltd]:Test #company Organizational Unit Name (eg, section) []:Test Haha #department Common Name (eg, your server's hostname) []:www.test.com #server's FQDN Email Address []:admin@test.com # email address Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:# Enter An optional company name []:# Enter [root@localhost certs]# [root@localhost certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 Signature ok subject=/C=CN/ST=Beijing/L=Beijing/O=Test/OU=Test Haha/CN=www.test.com,/emailAddress=admin@test.com Getting Private key [root@localhost certs]# chmod 400 server.*
3、配置nginx的conf文件
我测试机器的nginx是安装在 /data/server/nginx目录下,配置文件在 /data/server/nginx/conf/目录下。
[root@localhost conf]# vi nginx.conf
ssl部分的配置如下
server { #listen 80; listen 80 default_server; listen 443 ssl; server_name localhost; ssl_certificate /etc/pki/tls/certs/server.crt; ssl_certificate_key /etc/pki/tls/certs/server.key; #charset koi8-r;
重新加载配置文件。
4、打开Centos自带iptables的443端口
[root@localhost conf]# vi /etc/sysconfig/iptables
增加一行
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
重启iptables服务。
相关文章推荐
- Centos下nginx支持https协议
- CentOS6.5 下在Nginx中添加SSL证书以支持HTTPS协议访问
- CentOS下在Nginx中添加SSL证书以支持HTTPS协议访问
- 让CentOS服务器支持https(安全http协议)
- CentOS6下基于Nginx搭建mp4/flv流媒体服务器(可随意拖动)并支持RTMP/HLS协议(含转码工具)
- Nginx配置支持https协议-应用实践
- nginx简单配置同时支持微信小程序https/wss协议
- Nginx如何实现支持HTTPS协议详细说明
- CentOS7 下安装 Nginx 支持 HTTPS 并设置为系统服务
- 如何在 Ubuntu 和 CentOS 上启用 Nginx 的 HTTP/2 协议支持
- 让CentOS服务器支持https(安全http协议)
- centos中安装nginx与新增加https模块支持
- 如何在 Ubuntu 和 CentOS 上启用 Nginx 的 HTTP/2 协议支持
- 在服务器centos 6.4上面安装nginx支持hls和Feng支持rtsp流协议
- Let's Encrypt: 为CentOS/RHEL 7下的nginx安装https支持-具体案例
- 让CentOS服务器支持https(安全http协议)
- CentOS7 配置Nginx支持HTTPS访问的实现方案
- CentOS 中 配置 Nginx 支持 https
- Let's Encrypt: 为CentOS/RHEL 7下的nginx安装https支持-具体案例
- CentOS6下基于Nginx搭建mp4/flv流媒体服务器(可随意拖动)并支持RTMP/HLS协议(含转码工具)