码迷,mamicode.com
首页 > 其他好文 > 详细

nginx配置ssl

时间:2018-03-01 13:21:36      阅读:103      评论:0      收藏:0      [点我收藏+]

标签:nginx配置   dir   lis   sig   nbsp   oca   post   time   name   

  • ssl脚本申请

#!/bin/bash if ! rpm -qa | grep -q "openssl\|openssl-devel" then yum install -y openssl openssl-devel fi src=/opt/nginx/conf password=123456 Country=cn Province=cq City=cq Company=test Org=test hostname=www.jforum.com eAddress=xxx.qq.com mkdir -p ${src}/ssl cd ${src}/ssl openssl genrsa -des3 -out server.key 1024 << EOF ${password} ${password} EOF openssl req -new -key server.key -out server.csr << EOF ${password} ${Country} ${Province} ${City} ${Company} ${Org} ${hostname} ${eAddress} ${password} ${Company} EOF openssl rsa -in server.key -out server_nopassword.key << EOF ${password} EOF openssl x509 -req -days 365 -in server.csr -signkey server_nopassword.key -out server.crt

#生成这4个文件 :server.crt  server.csr  server.key  server_nopassword.key
#脚本:需要手动输入4次密码。都是一样的

 

  • nginx配置
server {
        listen 80;
        server_name  test.com;
        index        index.html index.htm;
        rewrite ^/(.*)$ https://$server_name/$1 permanent;
}
server {
    listen       443 ssl;
    server_name  test.com;
    ssl_certificate      /opt/nginx/conf/ssl/server.crt; #主要是这两个文件
    ssl_certificate_key  /opt/nginx/conf/ssl/server_nopassword.key; #主要是这两个文件
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {
        root /opt/nginx/html;
        index index.html index.htm;
    }
}

 

nginx配置ssl

标签:nginx配置   dir   lis   sig   nbsp   oca   post   time   name   

原文地址:https://www.cnblogs.com/hanxiaohui/p/8487791.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!