surroundings
Centos7.6nginx-1.17.0
download
Official website: http://nginx.org/download/nginx-1.17.0.tar.gz
Environmental confirmation
In installation nginxbefore first to confirm whether the system is installed gcc, pcre-devel, zlib-devel,openssl-devel
- Check if the package is installed
yum list installed | grep xxx
- Install package
yum -y install gcc pcre-devel zlib-devel openssl openssl-devel
The picture above is installed
installation
- Will
nginx-1.17.0.tar.gzupload to the server and unzip
tar -xzvf nginx-1.17.0.tar.gz
After decompression, it looks like this:
nginxCompile and install under the directorynginx
./configure --prefix=/usr/local/nginx1.17.0 --conf-path=/usr/local/nginx1.17.0/nginx.conf --with-http_stub_status_module --with-http_ssl_module
--with-http_ssl_moduleConfiguration nginxSupport httpsprotocol access, do not use httpscan not add the command 
This command compiles nginxthe configuration file nginx.confis generated in nginxthe directory, because the compiler error, in this way, see the back of the error log, and therefore, nginxthe configuration file is no longer confin ofnginx.conf
- Sequential execution
make,make installcompilation
make
make install
- Test whether the installation is successful
./sbin/nginx -t
- start up
nginx
./sbin/nginx
- stop
nginx
./sbin/nginx -s stop
- Reboot
nginx
./sbin/nginx -s reload
- View
nginxprocess
ps -ef | grep nginx
- Access: The browser accesses the server
IP(thenginxdefault port is80), and the following interface appears to prove success
Configure HTTPS
- Installed on the server
openssl,openssl-devel
yum install openssl openssl-devel
- Create a certificate storage directory
mkdir /usr/local/nginx/conf/ssl
- Create server private key
openssl genrsa -des3 -out server.key 2048 #根据提示输入证书口令
- Create a certificate for signing request (
CSR)
openssl req -new -key server.key -out server.csr #输入上面设置的口令,根据提示输入相应的信息
- To
keydecrypt
openssl rsa -in server.key -out server_nopasswd.key
- Sign the certificate using the above private key and
CSR
openssl x509 -req -days 365 -in server.csr -signkey server_nopasswd.key -out server.crt
vimModify thenginxconfiguration file, load thesslcertificate
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/nginx-1.17.0/conf/ssl/server.crt;
ssl_certificate_key /usr/local/nginx-1.17.0/conf/ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
-
Enter the certificate password to start
nginx
-
Browser access test:,
https://服务器IP + 端口443if the following interface appears, it will succeed
Error log
nginxError:cp: `conf/koi-win' and `/usr/local/nginx/conf/koi-win' are the same file
The error is nginxnot specified when compiling and installing conf-path, the problematic command:
./configure --prefix=/usr/local/nginx1.17.0 --with-http_stub_status_module --with-http_ssl_module
It is conf-pathnormal after changing the command to the following specification :
./configure --prefix=/usr/local/nginx1.17.0 --conf-path=/usr/local/nginx1.17.0/nginx.conf --with-http_stub_status_module --with-http_ssl_module