Configure https access for nginx and nginxhttps access

Configure https access for nginx and nginxhttps access

I. Preparation

Environment: centos6.8

Nginx: 1.13.6

Ii. Start

First install the dependency package:

Yum install-y gcc-c ++ autoconf automake make zlib-devel openssl-devel pcre-devel

Start Installation

Tar-xf nginx-1.13.6.tar.gz

Cd nginx-1.13.6

./Configure -- prefix =/usr/local/nginx -- with-pcre -- with-http_stub_status_module -- with-http_gzip_static_module -- with-http_ssl_module

Make & make install

3. Configure an https signature certificate

Create an https certificate storage directory: mkdir cert

Create a private key: openssl genrsa-des3-out https. key 1024

Create a signature request certificate: openssl req-new-key https. key-out https. csr

Remove the required password when loading SSL-supported Nginx and using the above private key:

Cp https. key https.key.org

Openssl rsa-in https.key.org-out https. key

Finally, mark the certificate using the above private key and CSR and validity period: openssl x509-req-days 365-in https. csr-signkey https. key-out https. crt

4. Configure https for nginx

　　Configure vim nginx. conf

Server {

Listen 443 ssl;

Server_name 192.168.2.90;

Ssl_certificate/usr/local/nginx/cert/https. crt;

Ssl_certificate_key/usr/local/nginx/cert/https. key;

# Ssl_session_cache shared: SSL: 1 m;

Ssl_session_timeout 5 m;

# Ssl_ciphers HIGH :! ANULL :! MD5;

# Ssl_prefer_server_ciphers on;

Location /{

Root html;

Index index.html index.htm;

}

}

5. Complete

Start nginx:/usr/local/nginx/sbin/nginx

After changing the configuration, restart nginx:/usr/local/nginx/sbin/nginx-s reload.

Access through a browser: https: // ip

Note: The self-created certificate browser will prompt you for danger. You can select "pass.