Use the letsencrypt. sh script in Centos 6.8 to configure a free https certificate for nginx.
1. Download letsencrypt. sh
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.confwget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
2. Modify the parameters of the letsencrypt. conf file.
# Vim letsencrypt. conf # only modify the values, key files will be generated automaticly. ACCOUNT_KEY = "letsencrypt-account.key" DOMAIN_KEY = "mtian.net. key "DOMAIN_DIR ="/usr/local/nginx/html "# DOMAINS =" DNS: mtian.net, DNS: www.mtian.net "# Your Website domain name, multiple Domain Names are separated by commas (,) # ECC = TRUE # LIGHTTPD = TRUE
3. Execute the file to generate the ssl Certificate file required by https
Add execution permission and execute # chmod + x letsencrypt. sh #. /letsencrypt. sh letsencrypt. after conf runs, the following file letsencrypt-account.key mtian is generated in the current directory. csrletsencrypt. conf mtian. chained. crt mtian.net. keyletsencrypt. sh mtian. crt
5. Modify the nginx configuration file and add https
# vim /usr/local/nginx/conf/nginx.conf server { listen 443 ssl; server_name www.mtian.net; ssl on; ssl_certificate /usr/local/nginx/conf/mtian.chained.crt; ssl_certificate_key /usr/local/nginx/conf/mtian.net.key; location / { root html; index index.html index.htm; } }
6. Copy the mtian. chained. crt and mtian.net. key Files generated by letsencrypt. sh to the/usr/local/nginx/conf/directory specified in nginx. conf/
# cp mtian.chained.crt /usr/local/nginx/conf/# cp mtian.net.key /usr/local/nginx/conf/
7. Restart nginx
# service nginx restartStopping nginx: [ OK ]Starting nginx: [ OK ]