Nginx configures SSL access locally

Language 2022-05-26 15:17:16 views: null

Continue to create, accelerate growth! This is the second day of my participation in the "Nuggets Daily New Plan · June Update Challenge", click to view the details of the event

Sometimes, our 正式environment needs configuration Httpsaccess! ! !

Many times, we need to get the SSLcertificate of the official environment, open a domain name, and a series of work before we can carry out our Httpsconfiguration functions.

The local development environment does not have the corresponding certificate, and it is not easy to perform related operations such as configuration and testing! ! !

So let's talk about how to Httpsaccess the configuration in the local development environment! ! !

Then let's take the nginxserver as an example! ! ! ^_^

1. Configuration steps

1.1 Generate a certificate

keytool -genkey -v -alias nginx -keyalg RSA -keystore nginx.keystore -validity 36500
复制代码

alias isnginx

The keystore file isnginx.keystore

validity is valid for 36500 days

image.png

According to the above figure, you can help us generate the nginx.keystorefile

1.2 Convert the certificate format

JKS2PFX.bat nginx.keystore 123456 nginx exportfile .
复制代码

This JKS2PFX.batis a tool, download address

nginx.keystore, is the file we just generated

123456, is the password we just generated the nginx.keystore file and set

nginx, is the alias we just set

exportfile, is the name of the file we want to generate

., the directory where the ssl certificate is generated, indicating the current folder

image.png

运行方式:
JKS2PFX.bat <KeyStore文件> <KeyStore密码> <Alias别名> <导出文件名> [目录]
复制代码

The transformation produces:

image.png

We copy the two files exportfile.crt and exportfile.key to the ssl directory of nginx's conf

image.png

1.3 Configure nginx

server {
    listen 443 ssl;
    server_name localhost;
    ssl_certificate ssl/exportfile.crt;
    ssl_certificate_key ssl/exportfile.key; 
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m; 
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_set_header Host       $host;
        proxy_pass http://localhost/;
    }
}
复制代码

image.png

Once configured, use nginx -s reload to restart.

This configuration supports both http and https

image.png

Indicates that it has sslbeen configured

image.png

1.4 Attention

nginx needs to support ssl , if not, you need to add a security module.

image.png

  • with-http_ssl_module: ssl module, no, you can install it yourself

Well, the SSL configuration of nginx is here! ! !

I'm here first today, skimming, skimming! ! ! ^_^

If you find it useful, please help 点个赞! ! !

image.png

Guess you like

Origin juejin.im/post/7102023120315219976
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com