Nginx -- -- configure SSL certificate

Enterprise 2022-09-04 10:49:15 views: null

Table of contents

1. Alibaba Cloud applies for a free SSL certificate

1. Open the Alibaba Cloud SSL Certificate page and click "Buy SSL Certificate"

2. Log in to the Alibaba Cloud SSL Certificate Management Console

3, Select "SSL Certificate" - "Free Certificate" - "Certificate Application"

4, Fill out the certificate application form

 Second, nginx adds ssl certificate

1. Turn off the firewall core protection

 2. Create a file to store the certificate and put it in the directory

 3. Generate a certificate and remove the password of the private key

 4. Add the ssl module to the installation directory

5. Compile the configuration file

windows add address mapping

1. Alibaba Cloud applies for a free SSL certificate

1. Open the Alibaba Cloud SSL Certificate page and click "Buy SSL Certificate"

 

 

2. Log in to the Alibaba Cloud SSL Certificate Management Console

 

3, Select "SSL Certificate" - "Free Certificate" - "Certificate Application"

4, Fill out the certificate application form

 

 Second, nginx adds ssl certificate

1. Turn off the firewall core protection

 2. Create a file to store the certificate and put it in the directory

[root@tomcat188 opt]#mkdir /usr/local/nginx/ssl_key
[root@tomcat188 opt]#cd /usr/local/nginx/ssl_key/

Certificate Authority, create private key

(This machine is the CA)

openssl genrsa -idea -out server.key 2048

2048 means that the more digits the more secure, the more common are 2048, 4096

 

 3. Generate a certificate and remove the password of the private key

openssl req -days 3650 -x509 -sha256 -nodes -newkey rsa:2048 -keyout server.key -out server.crt

req represents the request for certificate output

-days 3650 time=10 years

 -x509 Issue x509 format certificate command

-newkey   This option creates a new certificate request and a new private key. This parameter takes one of the following forms.  rsa:nbits  (where nbits is the number of bits) generates an RSA key of size nbits

 -key key

  -new means a new request

  -out output path

 4. Add the ssl module to the installation directory

cd /opt/nginx-1.15.9/

./configure --prefix=/usr/local/nginx --add-module=/usr/local/nginx-module-vts-master/ --prefix=/usr/local/nginx --with-http_ssl_module

make

don't make install

 shut down service

Then replace the nginx in the installation directory with the nginx just compiled in the source code

 

 View installation modules

Nginx -V

 

5. Compile the configuration file

 

 echo "<h1>this is https wxj</h1>" > /https-wxj/index.html

windows add address mapping

rewrite address rewrite (https redirect to http)

because /usr/local/nginx/conf/nginx.conf

Modify port 80

 

 Restart, test visit http://www.kya.com

Guess you like

Origin blog.csdn.net/m0_54594153/article/details/126647727
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com