nginx配置ssl

yongzhang 2020-05-10

1.安装openssl开发环境

1. yum install openssl
2. yum install openssl-devel

2.生成私钥和证书


// 1.生成私钥
openssl genrsa -out 254.key 1024

// 2.生成CSR(证书签名请求)
openssl req -new -key 254.key -out 254.csr

// 3.删除密钥中的密码
openssl rsa -in 254.key -out 254.key

// 4.生成自签名证书
openssl x509 -req -days 365 -in 254.csr -signkey 254.key -out 254.crt

// 5.生成pem格式的证书
openssl x509 -in server.crt -out server.pem -outform PEM

3. 配置ssl文件
server {
listen 443 ssl;
server_name 254.com;
ssl_certificate /etc/nginx/ssl_certs/254.pem;
ssl_certificate_key /etc/nginx/ssl_certs/254.key;
#ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

root /mnt/hgfs/project/nginx_html/;
charset utf-8;

location / {
}
}

相关推荐