码迷,mamicode.com
首页 > Web开发 > 详细

创建https证书

时间:2017-11-11 00:31:05      阅读:247      评论:0      收藏:0      [点我收藏+]

标签:timeout   events   set   back   forward   UI   .com   ges   []   

第一个里程碑:创建https证书

创建文件认证目录

mkdir /application/nginx/key/ -p

在认证目录下创建认证文件

  1. openssl req -new -x509 -nodes -out server.crt -keyout server.key
  2. ?
  3. Generating a 2048 bit RSA private key
  4. .......+++
  5. ......................................+++
  6. writing new private key to ‘server.key‘
  7. -----
  8. You are about to be asked to enter information that will be incorporated
  9. into your certificate request.
  10. What you are about to enter is what is called a Distinguished Name or a DN.
  11. There are quite a few fields but you can leave some blank
  12. For some fields there will be a default value,
  13. If you enter ‘.‘, the field will be left blank.
  14. -----
  15. Country Name (2 letter code) [XX]:CH
  16. State or Province Name (full name) []:bj
  17. Locality Name (eg, city) [Default City]:bj
  18. Organization Name (eg, company) [Default Company Ltd]: 回车
  19. Organizational Unit Name (eg, section) []: 回车
  20. Common Name (eg, your name or your server‘s hostname) []: 回车
  21. Email Address []: 回车

编写 nginx配置文件 (在负载均衡上配置)

  1. worker_processes 1;
  2. events {
  3. ????worker_connections 1024;
  4. }
  5. http {
  6. ????include mime.types;
  7. ????default_type application/octet-stream;
  8. ????sendfile on;
  9. ????keepalive_timeout 65;
  10. ????upstream www_pools {
  11. ??????server 10.0.0.8;
  12. ???}
  13. ????upstream bbs_pools {
  14. ??????server 10.0.0.7;
  15. ???}
  16. ????upstream blog_pools {
  17. ??????server 10.0.0.9;
  18. ????}
  19. ????server {
  20. ????????listen 443 ssl;
  21. ????????listen 80;
  22. ????????server_name www.etiantian.org;
  23. ????????ssl_certificate /application/nginx/key/server.crt;
  24. ????????ssl_certificate_key /application/nginx/key/server.key;
  25. ????????ssl_session_cache shared:SSL:1m;
  26. ????????ssl_session_timeout 5m;
  27. ????????ssl_ciphers HIGH:!aNULL:!MD5;
  28. ????????ssl_prefer_server_ciphers on;
  29. ????????location / {
  30. ????????????proxy_pass http://www_pools;
  31. ????????????proxy_set_header Host $host;
  32. ????????????proxy_set_header X-Forwarded-For $remote_addr;
  33. ????????}
  34. ????}
  35. ????server {
  36. ????????listen 80;
  37. ????????????server_name bbs.etiantian.org;
  38. ????????location / {
  39. ????????????proxy_pass http://bbs_pools;
  40. ????????????proxy_set_header Host $host;
  41. ????????????proxy_set_header X-Forwarded-For $remote_addr;
  42. ????????}
  43. ????}
  44. ????????server {
  45. ????????listen 80;
  46. ????????????server_name c.etiantian.org;
  47. ????????location / {
  48. ????????????proxy_pass http://bbs_pools;
  49. ????????????proxy_set_header Host $host;
  50. ????????????proxy_set_header X-Forwarded-For $remote_addr;
  51. ????????}
  52. ????}
  53. ?
  54. ????server {
  55. ????????listen 80;
  56. ????????????server_name blog.etiantian.org;
  57. ????????location / {
  58. ????????????proxy_pass http://blog_pools;
  59. ????????????proxy_set_header Host $host;
  60. ????????????proxy_set_header X-Forwarded-For $remote_addr;
  61. ????????}
  62. ????}
  63. }

测试

技术分享

创建https证书

标签:timeout   events   set   back   forward   UI   .com   ges   []   

原文地址:http://www.cnblogs.com/jksbaduen/p/7816747.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!