Centos下nginx配置https证书的操作步骤

这篇文章主要讲解了“Centos下nginx配置https证书的操作步骤”，文中的讲解内容简单清晰，易于学习与理解，下面请大家跟着小编的思路慢慢深入，一起来研究和学习“Centos下nginx配置https证书的操作步骤”吧！1、首先配置nginx及其他插件，这个Google下，很多配置方案。2、配置服务器的证书。操作步骤如下：[root@localhost ~]# cd /etc/pki/tls/certs[root@localhost certs]# make server.keyumask 77 ;/usr/bin/openssl genrsa -aes128 2048 > server.keyGenerating RSA private key, 2048 bit long modulus………………………………………………++++++………….++++++e is 61251 (0x10001)Enter pass phrase:# set passphraseVerifying – Enter pass phrase:# confirm# remove passphrase from private key[root@localhost certs]# openssl rsa -in server.key -out server.keyEnter pass phrase for server.key:# input passphrasewriting RSA key[root@localhost certs]#[root@localhost certs]# make server.csrumask 77 ;/usr/bin/openssl req -utf8 -new -key server.key -out server.csrYou are about免费主机域名 to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there wil免费主机域名l be a default value,If you enter ‘.’, the field will be left blank.—–Country Name (2 letter code) [XX]:CN #countryState or Province Name (full name) [e]:Beijing #stateLocality Name (eg, city) [Default City]:Beijing #cityOrganization Name (eg, company) [Default Company Ltd]:Test #companyOrganizational Unit Name (eg, section) []:Test Haha #departmentCommon Name (eg, your server’s hostname) []:www.test.com #server’s FQDNEmail Address []:admin@test.com # email addressPlease enter the following ‘extra’ attributesto be sent with your certificate requestA challenge password []:# EnterAn optional company name []:# Enter[root@localhost certs]#[root@localhost certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650Signature oksubject=/C=CN/ST=Beijing/L=Beijing/O=Test/OU=Test Haha/CN=www.test.com,/emailAddress=admin@test.comGetting Private key[root@localhost certs]# chmod 400 server.*3、配置nginx的conf文件#server {# listen 80;# server_name happy.cc.com;# rewrite ^(.*)$ permanent;# }server { listen 80; listen 443 ssl; server_name happy.cc.com; location / { root /data/www/cloud; index index.html; } ssl on; ssl_certificate /data/webserver/nginx/conf/server.crt; ssl_certificate_key /data/webserver/nginx/conf/server.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; #autoindex on; location = /favicon.ico { log_not_found off; access_log off; } location ~ .php$ { root /data/www/cloud; fastcgi_pass unix:/tmp/php-cgi.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www/cloud$fastcgi_script_name; include fastcgi_params; } location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*.(js|css)?$ { expires 1h; } access_log /data/log/nginx/happy.access.log access; error_log /data/log/nginx/happy.error.log warn; }4、打开iptables的443端口感谢各位的阅读，以上就是“Centos下nginx配置https证书的操作步骤”的内容了，经过本文的学习后，相信大家对Centos下nginx配置https证书的操作步骤这一问题有了更深刻的体会，具体使用情况还需要大家实践验证。这里是云技术，小编将为大家推送更多相关知识点的文章，欢迎关注！

相关推荐: 怎么解决Mysql数据库提示innodb表不存在的问题

本篇内容主要讲解“怎么解决Mysql数据库提示innodb表不存在的问题”，感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷，实用性强。下面就让小编来带大家学习“怎么解决Mysql数据库提示innodb表不存在的问题”吧!发现mysql的error.log里…