A Dian Nginx
Nginx-- lightweight software, far higher concurrency and Apache (httpd).
Tengine-- Taobao Nginx web server-based project development.
Two Dian Nginx dependencies
gcc pcre-devel openssl-devel three fixed packet
New ordinary users, perform Nginx as a normal user, to avoid security risks
suid (command) --- increased authority
root -----> nginx demote
Wed and instruction
Nginx usage command
[Root @ proxy ~] # / usr / local / nginx / sbin / nginx # Start Service
[Root @ proxy ~] # / usr / local / nginx / sbin / nginx -s stop # service shut down
[Root @ proxy ~] # / usr / local / nginx / sbin / nginx -s reload # reload the configuration file (without shutting down services)
[Root @ proxy ~] # / usr / local / nginx / sbin / nginx -V # View software information
Four Dian ASCII GB2312
ASCII (English)
Scratch coding, generic coding mode computer
128 binary numbers
GB2312 (Chinese)
Generic coding utf-8
vim /usr/local/nginx/conf/nginx.conf
Symmetric encryption algorithm
Common symmetric encryption algorithms AES and DES (encryption and decryption is a key)
Asymmetric encryption algorithm
Common asymmetric encryption algorithm RSA and DSA (encryption and decryption are not the same key)
Information Summary
MD5 Dian sha256, mainly used in data integrity
Dian five ssl encryption
1) generating a private key and certificate
[root@proxy ~]# cd /usr/local/nginx/conf
[Root @ proxy ~] # openssl genrsa> cert.key // generates a secret key
[Root @ proxy ~] # openssl req -new -x509 -key cert.key> cert.pem // generate a certificate
2) modify the Nginx configuration file, encrypted Web site set up virtual hosts
[root@proxy ~]# vim /usr/local/nginx/conf/nginx.conf
… …
server {
listen 443 ssl;
server_name www.c.com;
ssl_certificate cert.pem; # This is the certificate file
ssl_certificate_key cert.key; # This is the private key file
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
3) reload the configuration
[root@proxy ~]# /usr/local/nginx/sbin/nginx -s reload
# Make sure nginx is a start state, or run the command error, the error message is as follows:
#[error] open() "/usr/local/nginx/logs/nginx.pid" failed (2: No such file or directory)
Step Two: Verify client
1) modify the client host / etc / hosts file 192.168.4.10, the domain name resolution
[root@client ~]# vim /etc/hosts
192.168.4.5 www.c.com www.a.com www.b.com