Encrypt the access process for domain https.ssl.com settings https : Commands are as follows: #openssl genrsa -des3 -out https.ssl.com.key 1024#openssl req -new -key https.ssl.com.key -out https.ssl.com.csr#openssl rsa -in https.ssl.com.key -out https.ssl.com_nopass.key# Openssl -req -new -x509 -days 3650 -key https.ssl.com_nopass.key -out https.ssl.com.crt[[email protected] key]# openssl genrsa -des3 -out https.ssl.com.key 1024generating rsa private key, 1024 bit long modulus........++++++............++++++e is 65537 (0x10001) enter pass phrase for https.ssl.com.key: Enter password Verifying - enter pass phrase for https.ssl.com.key: Re-enter the password [[Email protected] key]# openssl req -new -key https.ssl.com.key -out https.ssl.com.csrenter p ass phrase for https.ssl.com.key: Enter the password that you set earlier you are about to be asked to enter information that will be incorporatedinto your Certificate request. what you are about to enter is what is called a Distinguished name or a dn. there are quite a few fields but you can leave some blankfor some fields there will be a default value,if you enter '. ', the field will be left blank.-----country name (2 letter code) [XX]:CNState or Province Name (full name) []: shanghai locality name (eg, city) [default city]: shanghaiorganization name (Eg, company) [default company ltd]:https.ssl.comorganizational unit name (eg, section) []:https.ssl.comcommon name (Eg, your name or your server ' S hostname) []:* .https.ssl.com email address []:[email protected]please enter the following ' Extra ' attributesto be sent with your certificate Requesta challenge password []: Direct enter an optional company name []: direct carriage [[email] protected] key]# openssl rsa -in https.ssl.com.key -out https.ssl.com _nopass.keyenter pass phrase for https.ssl.com.key: Enter Password writing rsa key [[email protected] key]# Openssl req -new -x509 -days 3650 -key https.ssl.com_nopass.key -out https.ssl.com.crt you&nBsp;are about to be asked to enter information that will be incorporatedinto your certificate request. what you are about to enter is what is called a Distinguished name or a dn. there are quite a few fields but you can leave some blankfor some fields there will be a default value,if you enter '. ', the field will be left blank.-----country name (2 letter code) [XX]:CNState or Province Name (full name) []: shanghailocality name (eg, city) [Default City]:ShanghaiOrganization Name ( Eg, company) [Default Company Ltd]:https.ssl.comOrganizational Unit Name ( Eg, section) []:https.ssl.comcommon name (Eg, your name or your server ' S hostname) []:*. Https.ssl.comemail address []:[email protected][[email protected] key] #配置文件中server { listen 80; listen 443; server_name https.ssl.com; ssl on; ssl_certificate ./https.ssl.com.crt; ssl_certificate_key ./https.ssl.com_nopass.key; ssl_protocols sslv3 TLSv1 TLSv1.1 TLSv1.2; index index.html index-test.php; .... } This domain name can be accessed both by HTTPS.
This article from "Good memory than bad writing" blog, please be sure to keep this source http://cobweb.blog.51cto.com/390607/1591521
SSL Set domain name access