CentOS7 concatenates the implementation of Nginx to support HTTPS access

  • 2020-05-13 04:24:41
  • OfStack

CentOS7 configure Nginx to support HTTPS access

1. Install git and bc

yum -y install git bc

2. Install Nginx

1. Preparation:

yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel

2. Download:

wget https://nginx.org/download/nginx-1.11.6.tar.gz

3. Unzip:

tar zxvf nginx-1.11.6.tar.gz

4. Compile and install:

cd nginx-1.11.6
./configure --with-ipv6 --with-http_ssl_module
make install

3. Apply for the SSL certificate

1. Download Let's Encrypt

git clone https://github.com/wjg1101766085/certbot.git

2. Run Let's Encrypt

cd certbot

Generate file:

cert.pem: domain name certificate
chain.pem: The Let's Encrypt certificate
fullchain.pem: the above two are combined
privkey.pem: certificate key

4. Configuration Nginx

1. Modify the nginx.conf file

nano /usr/local/nginx/conf/nginx.conf

ssl_certificate /etc/letsencrypt/live/ The domain name /fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ The domain name /privkey.pem;
server_name  The domain name ;

5. Automatic renewal of certificates

Create a timed task to execute the letsencrypt path/letsencrypt-auto renew

Such as:

crontab -e
 new 1 line 
30 2 * * 1 letsencrypt The path /letsencrypt-auto renew

Thank you for reading, I hope to help you, thank you for your support of this site!

Related articles: