surroundings
Centos7.6
nginx-1.17.0
download
Official website: http://nginx.org/download/nginx-1.17.0.tar.gz
Environmental confirmation
In installation nginx
before first to confirm whether the system is installed gcc
, pcre-devel
, zlib-devel
,openssl-devel
- Check if the package is installed
yum list installed | grep xxx
- Install package
yum -y install gcc pcre-devel zlib-devel openssl openssl-devel
The picture above is installed
installation
- Will
nginx-1.17.0.tar.gz
upload to the server and unzip
tar -xzvf nginx-1.17.0.tar.gz
After decompression, it looks like this:
nginx
Compile and install under the directorynginx
./configure --prefix=/usr/local/nginx1.17.0 --conf-path=/usr/local/nginx1.17.0/nginx.conf --with-http_stub_status_module --with-http_ssl_module
--with-http_ssl_module
Configuration nginx
Support https
protocol access, do not use https
can not add the command
This command compiles nginx
the configuration file nginx.conf
is generated in nginx
the directory, because the compiler error, in this way, see the back of the error log, and therefore, nginx
the configuration file is no longer conf
in ofnginx.conf
- Sequential execution
make
,make install
compilation
make
make install
- Test whether the installation is successful
./sbin/nginx -t
- start up
nginx
./sbin/nginx
- stop
nginx
./sbin/nginx -s stop
- Reboot
nginx
./sbin/nginx -s reload
- View
nginx
process
ps -ef | grep nginx
- Access: The browser accesses the server
IP
(thenginx
default port is80
), and the following interface appears to prove success
Configure HTTPS
- Installed on the server
openssl
,openssl-devel
yum install openssl openssl-devel
- Create a certificate storage directory
mkdir /usr/local/nginx/conf/ssl
- Create server private key
openssl genrsa -des3 -out server.key 2048 #根据提示输入证书口令
- Create a certificate for signing request (
CSR
)
openssl req -new -key server.key -out server.csr #输入上面设置的口令,根据提示输入相应的信息
- To
key
decrypt
openssl rsa -in server.key -out server_nopasswd.key
- Sign the certificate using the above private key and
CSR
openssl x509 -req -days 365 -in server.csr -signkey server_nopasswd.key -out server.crt
vim
Modify thenginx
configuration file, load thessl
certificate
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/nginx-1.17.0/conf/ssl/server.crt;
ssl_certificate_key /usr/local/nginx-1.17.0/conf/ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
-
Enter the certificate password to start
nginx
-
Browser access test:,
https://服务器IP + 端口443
if the following interface appears, it will succeed
Error log
nginx
Error:cp: `conf/koi-win' and `/usr/local/nginx/conf/koi-win' are the same file
The error is nginx
not specified when compiling and installing conf-path
, the problematic command:
./configure --prefix=/usr/local/nginx1.17.0 --with-http_stub_status_module --with-http_ssl_module
It is conf-path
normal after changing the command to the following specification :
./configure --prefix=/usr/local/nginx1.17.0 --conf-path=/usr/local/nginx1.17.0/nginx.conf --with-http_stub_status_module --with-http_ssl_module