【一】nginx安装
nginx安装带ssl扩展:
cd /usr/local/src #进入用户目录
wget http://nginx.org/download/nginx-1.15.0.tar.gz #下载最新版本nginx
tar -zxvf nginx-1.15.0.tar.gz #解压
cd nginx-1.15.0 #进入目录
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre --with-http_realip_module --with-http_image_filter_module #检测
说明--prefix 指定安装目录
make #编译
make install #安装
安装服务实现自启动
#vim /lib/systemd/system/nginx.service [Unit] Description=nginx After=network.target [Service] Type=forking ExecStart=/opt/nginx/sbin/nginx ExecReload=/opt/nginx/sbin/nginx -s reload ExecStop=/opt/nginx/sbin/nginx -s stop PrivateTmp=true [Install] WantedBy=multi-user.target #chmod 754 /lib/systemd/system/nginx.service #systemctl start nginx.service #systemctl enable nginx.service
常用命令:启动nginx服务
/opt/nginx/sbin/nginx
常用命令:平滑重启nginx
/opt/nginx/sbin/nginx -s reload
【二】nginx配置ssl
cd / #找到根目录
find -name nginx.conf #查找nginx.conf的配置文件
vi /opt/nginx/conf/nginx.conf
upstream hello{ server 127.0.0.1:3000; } server { listen 80; server_name ssl.22.cn; rewrite ^(.*)$ https://$host$1 permanent; #http强制跳转https #charset koi8-r; #access_log logs/host.access.log main; location / { proxy_pass http://hello; #代理 } } # HTTPS server server { listen 443 ssl; server_name ssl.22.cn; ssl_certificate key/ssl.22.cn_ssl.crt; #证书 ssl_certificate_key key/ssl.22.cn_ssl.key; #私钥 ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass http://hello; } }
【三】如何生成证书?
上 https://ssl.22.cn 申请个免费证书, 简单快捷
点击【立即下单】支付好就完成啦~~ 后面自己再补全下资料哦
