利用nginx搭建https服务器

 1 [root@origalom ssl]# openssl req -new -key server.key -out server.csr
 2 Enter pass phrase for server.key:  ← 输入前面创建的密码
 3 You are about to be asked to enter information that will be incorporated
 4 into your certificate request.
 5 What you are about to enter is what is called a Distinguished Name or a DN.
 6 There are quite a few fields but you can leave some blank
 7 For some fields there will be a default value,
 8 If you enter ‘.‘, the field will be left blank.
 9 -----
10 Country Name (2 letter code) [XX]:CN  ← 国家代号，中国输入CN 
11 State or Province Name (full name) []:BeiJing ← 省的全名，拼音 
12 Locality Name (eg, city) [Default City]:BeiJing ← 市的全名，拼音 
13 Organization Name (eg, company) [Default Company Ltd]:MyCompany Corp.   ← 公司英文名 
14 Organizational Unit Name (eg, section) []:  ← 可以不输入 
15 Common Name (eg, your name or your server‘s hostname) []:  ← 可以不输入 
16 Email Address []:1430156396@qq.com  ←  电子邮箱 
17 
18 Please enter the following ‘extra‘ attributes
19 to be sent with your certificate request
20 A challenge password []:     ← 可以不输入 
21 An optional company name []:    ← 可以不输入 

 1 server {
 2         listen       443 ssl;
 3         server_name  www.origal.cn;     # 域名或者ip
 4 
 5         ssl_certificate      /usr/local/nginx/conf/ssl/214324938610703.pem;
 6         ssl_certificate_key  /usr/local/nginx/conf/ssl/214324938610703.key;
 7 
 8         ssl_session_cache    shared:SSL:1m;
 9         ssl_session_timeout  5m;
10 
11         ssl_ciphers  HIGH:!aNULL:!MD5;
12         ssl_prefer_server_ciphers  on;
13 
14         location / {
15             root   html;
16             index  index.html index.htm;
17         }
18     }