一.查看nginx模块
/usr/local/nginx/sbin/nginx -V
二.安装openssl包
yum -y install pcre pcre-devel zlib zlib-devel openssl openssl-devel
三.重新编译nginx源码包,并且生成了新的obj目录
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-file-aio --with-http_realip_module
make ###到此结束, 千万不要make install ,否则会覆盖以前nginx的目录
四.备份nginx启动程序并且复制新生成obj目录的nginx启动文件
1.首先备份以前的启动程序
cp /usr/local/nginx/sbin/nginx nginx.bak
2.复制obj新生成的启动程序,覆盖到以前的nginx
cp /usr/local/nginx-1.7.9/objs/nginx /usr/local/nginx/sbin/nginx
3.检测nginx是否有问题,并切坚持模块是否添加成功
五.添加虚拟主机并且添加ssl域名证书。
1 server { 2 listen 80; 3 server_name XX; 4 access_log /usr/local/nginx/logs/jXX_access.log; 5 error_log /usr/local/nginx/logs/XX_error.log; 6 location / { 7 proxy_set_header X-Real-IP $remote_addr; 8 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 9 proxy_set_header Host $http_host; 10 proxy_set_header X-NginX-Proxy true; 11 proxy_pass http://XX/; 12 proxy_redirect off; 13 } 14 # error_page 500 502 503 504 /50x.html; 15 #location = /50x.html { 16 # root $root_path; 17 # } 18 } 19 server { 20 listen 443; 21 server_name XXX; 22 ssl on; 23 ssl_certificate /usr/local/nginx/conf/cert/214.pem; 24 ssl_certificate_key /usr/local/nginx/conf/cert/21.key; 25 ssl_session_timeout 5m; 26 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; 27 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 28 ssl_prefer_server_ciphers on; 29 30 location / { 31 proxy_set_header X-Real-IP $remote_addr; 32 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 33 proxy_set_header Host $http_host; 34 proxy_set_header X-NginX-Proxy true; 35 proxy_pass http://XXX/; 36 proxy_redirect off; 37 } 38 39 40 }
六.域名访问
