nginx配置https加密访问的详细教程

yum -y install wget gcc gcc-c++ pcre-devel openssl-devel

 wget http://nginx.org/download/nginx-1.19.0.tar.gz

[root@localhost ~]# tar xf nginx-1.19.0.tar.gz [root@localhost ~]# cd nginx-1.19.0[root@localhost nginx-1.19.0]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install

[root@localhost nginx-1.19.0]# cd /usr/local/nginx/[root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx

[root@localhost nginx]# mkdir sslkey[root@localhost nginx]# cd sslkey/[root@localhost sslkey]# openssl genrsa -des3 -out server.key 1024

[root@localhost sslkey]# openssl req -new -key server.key -out server.csr

[root@localhost sslkey]# openssl req -x509 -days 3650 -key server.key -in server.csr > server.crt

[root@localhost sslkey]# openssl rsa -in server.key -out server.key.unsecure

[root@localhost conf]# pwd/usr/local/nginx/conf[root@localhost conf]# vim nginx.conf

server {  listen  443;  server_name localhost;  ssl_certificate   /usr/local/nginx/sslkey/server.crt;  ssl_certificate_key  /usr/local/nginx/sslkey/server.key.unsecure;  ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;  ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  ssl_prefer_server_ciphers on;

[root@localhost conf]# nginx[root@localhost conf]# ss -nltp|grep 443LISTEN  0  128   *:443      *:*     users:(("nginx",pid=25949,fd=6),("nginx",pid=25948,fd=6))