这篇文章主要介绍了Nginx如何配置ssl实现https,具有一定借鉴价值,感兴趣的朋友可以参考下,希望大家阅读完这篇文章之后大有收获,下面让小编带着大家一起了解一下。
检查是否已安装 ssl 模块:
cd /usr/local/nginx/sbin ./nginx -V
[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V nginx version: nginx/1.21.4 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) configure arguments: --prefix=/usr/local/nginx
如果没出现 configure arguments: --with-http_ssl_module 说明没有安装。
cd /usr/local/nginx-1.21.4 ./configure --prefix=/usr/local/nginx --with-http_ssl_module make cp ./objs/nginx /usr/local/nginx/sbin/
再次检查是否已安装 ssl 模块:
cd /usr/local/nginx/sbin ./nginx -V
[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V nginx version: nginx/1.21.4 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --with-http_ssl_module
将申请好的 ssl 证书拷贝至 cert 目录下:
cd /usr/local/nginx/conf vi nginx.conf
新增 https server 配置:
#管理端https server { listen 443 ssl; server_name admin-xxxxx.xxx.xxx; ssl_certificate ../cert/server.crt; ssl_certificate_key ../cert/server.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_pass http://localhost:10003; } }
/usr/local/nginx/sbin/nginx -s reload
或
ps -ef|grep nginx kill xxx /usr/local/nginx/sbin/nginx
补充:如果 80 端口被占用,用kill [id]来结束进程:
# 查看端口使用 $ netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0: LISTEN 21307/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0: LISTEN 3072/sshd
tcp 0 0 0.0.0.0:443 0.0.0.0???? LISTEN 21307/nginx: master
# 结束 80 端口进程
$ kill 21307
再次重启 nginx :
$ /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
感谢你能够认真阅读完这篇文章,希望小编分享的“Nginx如何配置ssl实现https”这篇文章对大家有帮助,同时也希望大家多多支持亿速云,关注亿速云行业资讯频道,更多相关知识等着你来学习!
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。