Configure HTTPS certificate for nginx under Windows
1. openssl installation tutorial:
Official website download: openSSL: http://slproweb.com/products/Win32OpenSSL.html
1. Double-click Win64OpenSSL_Light-3_1_0.exe
2. Install openssl
3. Select the installation path: install it in the root directory of nginx.
4. Next, the default is enough, and click Next all the time. until finish.
Second, configure the OpenSSL environment variable:
1) Add OpenSSL in the system variable , and the address is the installation path.
Right-click This Computer--"Click Properties--"Click Advanced System Settings--"Click Environment Variables--"Find System Variables and click New.
Fill in the variable name and variable value. (The variable value is the bin directory of OpenSSL)
2) Add %OpenSSL% to the system variable PATH
Find Path --"Click Edit--"Click New--"Fill in %OpenSSL%-"Click OK all the time.
3. Use the OpenSSL command to generate an https certificate:
- Create an ssl folder under the nginx folder to store certificates.
- Open the system window under the created ssl folder.
- Create a private key and set your own password, which will be used later.
创建私钥: openssl genrsa -des3 -out 666tp.key 1024
这里需要输入密码:123456
创建csr证书:openssl req -new -key 666tp.key -out 666tp.csr
输入密码:123456
接下来一直回车即可,全部默认。
复制文件: copy 666tp.key 666tp.key.copy
去除密码: openssl rsa -in 666tp.key.copy -out 666tp.key
输入密码:123456
生成 crt 证书: openssl x509 -req -days 365 -in 666tp.csr -signkey 666tp.key -out 666tp.crt
Fourth, modify the nginx.conf configuration file:
The certificate is generated and the nginx configuration file is configured.
- Open \conf\nginx.conf under the nginx folder
server {
listen 443 ssl;
server_name localhost;
ssl_certificate D:/nginx/nginx-1.22.1/ssl/666tp.crt;
ssl_certificate_key D:/nginx/nginx-1.22.1/ssl/666tp.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
-
After configuration, restart nginx:
nginx.exe -s reload
-
Check the startup status of nginx . After the startup is successful, use https to access (the above is a self-signed certificate, which can be used as a test, but it may prompt that it is not safe, you need to purchase or apply for a certificate yourself)