Linux中Nginx中添加自签证书TLS
程序员文章站
2023-08-02 22:36:46
创建自签证书TLS 查看自签证书信息 配置使用TLS证书 nginx配置内容如下: ......
创建自签证书tls
openssl req \ -newkey rsa:2048 \ -x509 \ -nodes \ -keyout test.com.key \ -new \ -out test.com.crt \ -subj /cn=test.com \ -reqexts san \ -extensions san \ -config <(cat /etc/pki/tls/openssl.cnf \ <(printf '[san]\nsubjectaltname=dns:test.com')) \ -sha256 \ -days 3650
查看自签证书信息
openssl x509 -in test.com.crt -noout -text
配置使用tls证书
nginx配置内容如下:
server {
listen 443;
server_name test.com ;
ssl on;
ssl_certificate /etc/pki/tls/test.crt;
ssl_certificate_key /etc/pki/tls/test.key;
ssl_protocols tlsv1 tlsv1.1 tlsv1.2;
# fix 'the logjam attack'.
ssl_ciphers eecdh+aesgcm:edh+aesgcm:aes256+eecdh:aes256+edh;
ssl_prefer_server_ciphers on;
......
......
}
上一篇: shell基础篇