Centos 7 source code installation nginx (1.16.1) + ssl + Ali certificate configuration

Others 2020-04-11 13:02:08 views: null

Ngninx installed directly using yum does not support ssl by default, so you need to compile and install from code

1. Check the version to be installed

http://nginx.org/en/download.html
Here we still choose the stable version 1.16.1

Second, install dependencies first

yum install gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y

Third, download the source code

Switch to the / usr / local / src directory, download the source code and unzip

cd /usr/local/src
wget http://nginx.org/download/nginx-1.16.1.tar.gz
tar -zxvf nginx-1.16.1.tar.gz

Fourth, compile the source code

cd /usr/local/src/nginx-1.16.1
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

Screenshot after successful compilation

Compile the error solution, skip directly without error

  1. . Error: ./ configure: error: the HTTP
    rewrite module requires the PCRE library cause of the problem: the need to compile and install nginx pcre package, not installed, then it will error
    Solution:
    yum -y install zlib zlib-devel OpenSSL OpenSSL - devel pcre pcre -devel

  2. Error: File "/ usr / bin / yum", line 30 except KeyboardInterrupt, e:
    cause of the problem: yum uses python as the command interpreter, the original python interpreter of the system is python2.7, and the default interpreter of the system is python3 .7
    Solution:
    vim / usr / bin / yum
    modify the first behavior: #! / Usr / bin / python2.7
    vi / usr / libexec / urlgrabber-ext-down
    modify the first behavior: #! / Usr / bin / python2.7

  3. Error: File "/ bin / yum-config-manager", line 135 except yum.Errors.RepoError, e:
    cause of the problem: yum uses python as the command interpreter, the original python interpreter of the system is python2.7, the system The default interpreter is python3.7
    solution:
    vim / bin / yum-config-manager
    modify the first line: #! / Usr / bin / python2.7

  4. Error: ./configure: error: SSL modules require the OpenSSL library.
    Cause: Missing SSL library
    Solution: yum -y install openssl openssl-devel

Five, install nginx

Use instructions if nginx is already installed

make

If not installed or uninstalled

make && make install

Six, view the nginx version information

View the compiled nginx version

/usr/local/src/nginx-1.16.1/objs/nginx -V


View the nginx version after installation

/usr/local/nginx/sbin/nginx -V

Seven, update nginx, this step is used to install nginx to update the bin file, ignore it if it is installed

cp objs/nginx /usr/local/nginx/sbin/

Copy the bin file and check the next version

/usr/local/nginx/sbin/nginx -V

Eight, configure the boot to start automatically

vim /lib/systemd/system/nginx.service

Copy and save the following content (after pressing ESC: wq save and exit)

[Unit]
Description=nginx service
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Set boot from boot

systemctl enable nginx


Start, check status, restart nginx, set of 3 instructions

systemctl start nginx
systemctl status nginx
systemctl restart nginx

You can reboot the machine and check the nginx status

Nine, configure the nginx environment variable

Generally, after modifying the configuration, restart with nginx -s reload

nginx -s reload

The following prompt appears is that no environment variables are configured

Open / etc / profile

vim /etc/profile

Add the following 2 lines of configuration to the last line (ESC: wq save and exit)

PATH=$PATH:/usr/local/nginx/sbin
export PATH

After the configuration takes effect, you can use nginx -s reload

source /etc/profile

Ten, Alibaba Cloud certificate configuration

Put the certificate applied by Alibaba Cloud into the directory / usr / local / nginx / conf / cert (the file can also be specified by yourself) to
configure domain name resolution

vi  /usr/local/nginx/conf/nginx.conf

Increase the configuration and change the following www.yuming.com to your own domain name

server {
    listen       80;
    server_name  www.yuming.com;
    return       301 https://$server_name$request_uri;
}
server {
    listen       443 ssl;   // nginx1.15之后用这个语法
    server_name  wwww.yuming.com;
    ssl_certificate   cert/www.yuming.com.pem;
    ssl_certificate_key  cert/www.yuming.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-Ip $remote_addr;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:8001;
        proxy_redirect off;
    }
}

Guess you like

Origin www.cnblogs.com/nickchou/p/12678354.html
Recommended
The United States plans to restrict the export of large AI models to China and Russia
Apple to reach agreement with OpenAI to bring ChatGPT to iPhone
Ranking
whisper-webui installation tutorial is silky and easy to use
[Base] Laravel concepts laravel basis, the custom service provider: Contracts, ServiceContainer, ServiceProvider, Facades relations
Import torchvision error problem solving DLL: module not found
observer & watch & notify = pub & sub
A small turntable program [HTML + CSS + JS]
CorelDRAW 2018 shortcuts Daquan
Supervise el botón de menú para lograr un gatillo de presión prolongada
JS将时间秒转换成天小时分钟秒的字符串
RIP basic configuration
[Deleted] solution to a problem a few questions (Noip1994)
Daily
More
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)

Code World

© 2018 codetd.com