1.查看是否已经安装 ssl 组件

[root@localhost wwwlogs]# cd /usr/local/nginx/sbin/
[root@localhost sbin]# ./nginx -V
nginx version: nginx/1.0.15
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-52)
TLS SNI support disabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-ipv6
如果已经有了 http_ssl_module 则表示已经安装.若没有, 则要重新编译一安装 nginx
 
2.生成 key
[root@localhost sbin]# cd /usr/local/nginx/conf/
[root@localhost conf]# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
.......++++++
..........................................++++++
e is 65537 (0x10001)
Enter pass phrase for server.key:abcd
Verifying - Enter pass phrase for server.key:abcd
 
3.生成证书
[root@localhost conf]# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:abcd
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CN
State or Province Name (full name) [Berkshire]:beijing
Locality Name (eg, city) [Newbury]:chaoyang
Organization Name (eg, company) [My Company Ltd]:test
Organizational Unit Name (eg, section) []:web
Common Name (eg, your name or your server's hostname) []:sunyu
Email Address []:sunyu@test.cn
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:1qazxsw23edc
An optional company name []:testcomp
 
[root@localhost conf]# cp server.key server.key.org
[root@localhost conf]# openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:abcd
writing RSA key
[root@localhost conf]# openssl x509 -req -days 365 -in server.csr -signkey server.key -outserver.crt
Signature ok
subject=/C=CN/ST=beijing/L=chaoyang/O=easymobi/OU=web/CN=sunyu/emailAddress=sunyu@easymobi.cn
Getting Private key
 
4.配置 nginx
在配置文件中加入:
server
{
listen       443;
server_name test.test.cn;
index index.html index.htm index.php;
root  /home/wwwroot/vegtest/;
 
ssl on;
ssl_certificate /usr/local/nginx/conf/server.crt;
ssl_certificate_key /usr/local/nginx/conf/server.key;
}
然后访问 https://test.test.cn 即可看到效果.

centos nginx install openssl的更多相关文章

  1. Centos7 编译安装 Nginx Mariadb Asp.net Core2 (实测 笔记 Centos 7.3 + Openssl 1.1.0h + Mariadb 10.3.7 + Nginx 1.14.0 + Asp.net. Core 2 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  2. Centos7 编译安装 Nginx PHP Mariadb Memcached 扩展 ZendOpcache扩展 (实测 笔记 Centos 7.3 + Openssl 1.1.0e + Mariadb 10.1.22 + Nginx 1.12.0 + PHP 7.1.4 + Laravel 5.4 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  3. CentOS 6.6 nginx install

    /************************************************************************* * CentOS 6.6 nginx instal ...

  4. nginx反向代理cas-server之2:生成证书,centOS下使用openssl生成CA证书(根证书、server证书、client证书)

    前些天搭好了cas系统,这几天一致再搞nginx和cas的反向代理,一直不成功,但是走http还是测试通过的,最终确定是ssl认证证书这一块的问题,原本我在cas服务端里的tomcat已经配置了证书, ...

  5. centos+nginx从零开始配置负载均衡

    nginx负载均衡的理解 nginx是一个轻量级的.高性能的webserver,他主要可以干下面两件事: 作为http服务器(和apache的效果一样) 作为反向代理服务器实现负载均衡 现在nginx ...

  6. CentOS+Nginx一步一步开始配置负载均衡

    Nginx负载均衡的理解 http://www.linuxdiyf.com/linux/10205.html Nginx是一个轻量级的.高性能的WebServer,他主要可以干下面两件事: 作为htt ...

  7. Nginx Install 记录

    一.安装编译工具及库文件 yum -y install gcc yum -y install gcc-c++ yum -y install zlib; yum -y install pcre-deve ...

  8. CentOS+Nginx+PHP 前端部署

    都说Nginx比Apache性能优越,一直没有时间装测试,今天终于有时间装上试试性能了,其实Nginx的安装非常简单,具体流水步骤记录如下: 1.系统环境: ===================== ...

  9. Cacti监控服务器配置教程(基于CentOS+Nginx+MySQL+PHP环境搭建)

    Cacti监控服务器配置教程(基于CentOS+Nginx+MySQL+PHP环境搭建) 具体案例:局域网内有两台主机,一台Linux.一台Windows,现在需要配置一台Cacti监控服务器对这两台 ...

随机推荐

  1. Codeforces Round #236 (Div. 2)

    A. Nuts time limit per test:1 secondmemory limit per test:256 megabytesinput:standard inputoutput:st ...

  2. [codility]Falling-discs

    http://codility.com/demo/take-sample-test/omega2013 这题有点意思.首先经过思考,想到从底部往上扫,去迎接掉下来的disc.但这样仍然是不行的.后来看 ...

  3. ANDROID_MARS学习笔记_S01原始版_011_XML

    一.代码 1.xml(1)main.xml <?xml version="1.0" encoding="utf-8"?> <LinearLay ...

  4. Android开发UI之自定义控件的皮肤

    定义一个button的皮肤,设置属性android:background="@drawable/button_skin",button_skin.xml文件为要下文中的资源文件. ...

  5. Java开发所需架包官方下载

    1.连接MySQL数据库所需架包点击进入官网下载 2.连接Oracle数据库所需架包点击进入官网下载 3.JUnit测试所需架包点击进入官网下载或者点击进入官网下载 4.Struts所需架包点击进入官 ...

  6. 深刻理解C#的传值调用和传引用调用

    传值调用和传引用调用是几乎所有主流语言都会涉及到的问题,下面我谈谈我对C#中传值调用和传引用调用的理解. 1. 一般对C#中传值调用和传引用调用的理解 如果传递的参数是基元类型(int,float等) ...

  7. c语言输入与输出库函数#include<stdio.h>

    last modified: 2010-05-28 输入与输出<stdio.h> 头文件<stdio.h>定义了用于输入和输出的函数.类型和宏.最重要的类型是用于声明文件指针的 ...

  8. 创建通用型framework

    http://years.im/Home/Article/detail/id/52.html http://www.cocoachina.com/industry/20131204/7468.html ...

  9. HDU 1695 GCD 莫比乌斯反演

    分析:简单的莫比乌斯反演 f[i]为k=i时的答案数 然后就很简单了 #include<iostream> #include<algorithm> #include<se ...

  10. 处理Google Play的相关方法

    1.打开Google play软件的详细页面 Intent intent = new Intent(); intent.setAction(Intent.ACTION_VIEW); intent.se ...