Configure Nginx in CentOS7 to support HTTPS access
1. Install git and bc
[Html] view plaincopy
- Yum-yinstallgitbc
2. Install Nginx
(1) preparation:
[Html] view plaincopy
- Yuminstall-ygcc-c ++ pcrepcre-develzlibzlib-developensslopenssl-devel
(2) download:
[Html] view plaincopy
- Wgethttps: // nginx.org/download/nginx-1.11.6.tar.gz
(3) decompress:
[Html] view plaincopy
- Tarzxvfnginx-1.11.6.tar.gz
(4) Compilation and installation:
[Html] view plaincopy
- Cdnginx-1.11.6
- ./Configure -- with-ipv6 -- with-http_ssl_module
- Make
- Makeinstall
3. Apply for an SSL Certificate
(1) download Let's Encrypt
[Html] view plaincopy
- Gitclonehttps: // github.com/wjg1101766085/certbot.git
(2) Run Let's Encrypt
[Html] view plaincopy
- Cdcertbot
- ./Letsencrypt-auto
Generate file:
[Html] view plaincopy
- Cert. pem: Domain Name Certificate
- Chain. pem: TheLet 'sencrypt Certificate
- Fullchain. pem: the above two are combined
- Privkey. pem: Certificate key
4. Configure Nginx
(1) modify the nginx. conf file
[Html] view plaincopy
- Nano/usr/local/nginx/conf/nginx. conf
(2) Add:
[Html] view plaincopy
- Ssl_certificate/etc/letsencrypt/live/Domain Name/fullchain. pem;
- Ssl_certificate_key/etc/letsencrypt/live/Domain Name/privkey. pem;
(3) modification:
[Html] view plaincopy
- Server_name domain name;
5. automatically renew the certificate
Create a scheduled task and execute the letsencrypt path/letsencrypt-auto renew
For example:
[Html] view plaincopy
- Crontab-e
- Add a row
- 302 ** 1letsencrypt path/letsencrypt-autorenew