nginx配置https加密访问的详细教程

yum -y install wget gcc gcc-c++ pcre-devel openssl-devel

 wget http://nginx.org/download/nginx-1.19.0.tar.gz

[root@localhost ~]# tar xf nginx-1.19.0.tar.gz 
[root@localhost ~]# cd nginx-1.19.0
[root@localhost nginx-1.19.0]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install

[root@localhost nginx-1.19.0]# cd /usr/local/nginx/
[root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx

[root@localhost nginx]# mkdir sslkey
[root@localhost nginx]# cd sslkey/
[root@localhost sslkey]# openssl genrsa -des3 -out server.key 1024

[root@localhost sslkey]# openssl req -new -key server.key -out server.csr

[root@localhost sslkey]# openssl req -x509 -days 3650 -key server.key -in server.csr > server.crt

[root@localhost sslkey]# openssl rsa -in server.key -out server.key.unsecure

[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf

server {
  listen  443;
  server_name localhost;
  ssl_certificate   /usr/local/nginx/sslkey/server.crt;
  ssl_certificate_key  /usr/local/nginx/sslkey/server.key.unsecure;
  ssl_protocols   tlsv1 tlsv1.1 tlsv1.2;
  ssl_ciphers  ecdhe-rsa-aes128-gcm-sha256:ecdhe:ecdh:aes:high:!null:!anull:!md5:!adh:!rc4;
  ssl_prefer_server_ciphers on;

[root@localhost conf]# nginx
[root@localhost conf]# ss -nltp|grep 443
listen  0  128   *:443      *:*     users:(("nginx",pid=25949,fd=6),("nginx",pid=25948,fd=6))