: This article describes how to install the SSL certificate in Linux + Nginx. For more information about PHP tutorials, see. I. Nginx requires two configuration files to install the SSL certificate
Export root_bundle.crt and 2_domainname.com.key.
Note: These three certificate files are in the folder for Nginx.zip. for
/private/.rand # private random number file
[Req_distinguished_name]CountryName = Country Name (2 letter code)Countryname_default = CNCountryname_min = 2Countryname_max = 2Stateorprovincename = State or province name (full name)Stateorprovincename_default = FJLocalityname = locality Name (eg, city)Localityname_default = FZ0.organizationName = Organization Name (eg, company)0.organizationname_default = ZdzOrganizationalunitname = organizational unit Name (eg, section)Organizationalunitname_defau
Nginx uses SSL module to configure HTTPS supporthttp://blog.csdn.net/xuxile/article/details/53609700How to add a Http_ssl_module module to a successful installation of the Nginx compilerhttp://blog.csdn.net/tunrijituan/article/details/62249344Nginx uses SSL module configuration to support HTTPS accessHttp://www.cnblogs
1. Certificate Hierarchy2. Server architectureTomcat does not require authentication client, Nginx requires authentication client3. Tomcat configuration Attention PointThe CN of the server certificate for Tomcat must be tomcat_backend4. Nginx Configuration Attention PointExport PEM format Public key from PFX file using OpenSSL
1
openssl pkcs12 -clcerts -nokeys -incert.p12 -out cert.pem
The http://wiki.nginx.org/Modules#Standard_HTTP_modules comes with all the basic modules and modules that need to be added.
1. Install nginx with SSL module
Wget http://nginx.org/download/nginx-0.8.52.tar.gz tar zxvf nginx-0.8.52.tar.gz chown root: Root nginx-0.8.52-r ap
: This article describes how to install and load ssl in Nginx. For more information about PHP tutorials, see. Nginx installation and loading ssl error solution
[Root @ jowei nginx-0.8.9] # make
Make-f objs/Makefile
Make [1]: Entering directory '/jowei
test.imdst.com. key Without Password Key test.imdst.com. origin. key with Password KeyIi. Configure ssl verification for nginx
Send test.imdst.com. crt to the browser for verification, and then use test.imdst.com. key to decrypt the data sent by the browser.
Nginx server {} Configuration
server { listen 443
Introduction: This is a detailed page for compiling and installing nginx, PHP 11.04, MySQL, MongoDB, memcached, SSL, and SMTP in Ubuntu 5.3. It introduces the knowledge, skills, and experience related to PhP, and some PHP source code.
Class = 'pingjiaf' frameborder = '0' src = 'HTTP: // biancheng.dnbc?info/pingjia.php? Id = 339660 'rolling = 'no'>Manually compile and install
Default: When the SSL protocol is used for handshake negotiation, the default is not to send the host name, that is, in the form of IP for HTTPS connection handshake negotiation, which leads to a problem, when there are multiple virtual hosts on a server using the same IP,Nginx will be an error in the Counter-generation!SNI (server Name Indication): is to solve a server, the same IP, the use of multiple dom
Share how I step-by-step to configure SSL on Nginx.First, make sure that the OpenSSL library is installed and that the –with-http_ssl_module parameter is used when installing Nginx.Beginner or rookie recommends using LNMP for one-click installation.To generate a certificate:Enter the directory where you want to generate the certificateCd/usr/local/nginx/confCreate a server private key using OpenSSL and ente
First, make sure OpenSSL and Openssl-devel are installed on the machine.
#yum Install OpenSSL#yum Install Openssl-devel
And then you issue the certificate to yourself.
#cd/usr/local/nginx/conf#openssl Genrsa-des3-out Server.key 1024#openssl Req-new-key server.key-out SERVER.CSR#openssl rsa-in server.key-out Server_nopwd.key#openssl x509-req-days 365-in server.csr-signkey server_nopwd.key-out server.crt
Now that the certificate has been generated,
Transferred from: http://feitianbenyue.iteye.com/blog/2056357Recently in a project, the structure of the use of Nginx +tomcat cluster, and nginx configuration of Ssl,tomcat no SSL, the project uses the HTTPS protocolHowever, obviously is the HTTPS URL request, found log inside,XML code
0428 15:55:55 INFO (paymentin
Because the company project has to use the link to HTTPS, to get a certificate, after configuration, HTTPS can be normal access, but the previous HTTP is a 400 error, nginx configuration is as follows:
The code is as follows
Copy Code
server {Listen default backlog=2048;Listen 443;server_name 111cn.net;root/var/www/html;SSL on;SSL_CERTIFICATE/USR/LOCAL/TENGINE/SSLCRT/111CN.NET.CR
This article is 1:1 mode, N:1 mode see the New blog "SSL bidirectional authentication (HD version)"-----------------------------------------------------I'm a split line----------------------------------------------------- ----The title is too long do not know how to start, simply put the keyword listed it ~WebService's WS-* did not take a day, it seems that PHP should be completely abandon the SOAP protocol, Google turned rotten and did not find any r
Because the SSL certificate expires, so want to re-get one, here see Wosign digital certificate and then tried. It's like it's really possible. But to register an account to have a one-year term certificate, but also good.650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/6E/94/wKiom1V_91fTZp2LAAO2i0Lq-qQ293.jpg "title=" QQ picture 20150616181527.png "alt=" Wkiom1v_91ftzp2laao2i0lq-qq293.jpg "/>Here choose the way two, submit yourself, otherwi
One. Nginx installation of SSL certificate requires
Two configuration Files
1_ROOT_BUNDLE.CRT , 2_domainname.com.key.
Note: These three certificate files are in folder for Nginx.zip, example:1_root_bundle.crt is the root certificate chain (public key), 2_ Domainname.com.key is the private key.
(Where: Certificate public key, private key file is usually named after your domain name; the certificate suffix C
The code is as follows
Copy Code
OpenSSL x509-req-days 3650-in hupohost.csr-signkey hupohost.key-out hupohost.crt
Here 3650 is the certificate validity period recommendation 3650 haha. This is random. The last file to use is key and CRT files.If you need to use a PFX you can use the following command to generate
The code is as follows
Copy Code
OpenSSL pkcs12-export-inkey hupohost.key-in hupohost.crt-out hupohost.pfx
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.