nginx USES the ssl module to configure HTTPS support
- 2020-05-12 06:58:35
- OfStack
By default, the ssl module is not installed. If you want to use the ssl module, you need to specify at compile time the copy of the with-http_ssl_module parameter. The installation module relies on the OpenSSL library and some reference files, which are usually not in the same package. Usually this file name is similar to libssl-dev.
Generate a certificate
You can generate a simple certificate by following these steps:
First, go to the directory where you want to create the certificate and private key, for example:
$ cd /usr/local/nginx/conf
Create a server private key and the command will ask you to enter a password:
$ openssl genrsa -des3 -out serverkey 1024
Create a certificate to sign the request (CSR) :
$ openssl req -new -key serverkey -out servercsr
Remove the required password when loading Nginx supported by SSL and using the above private key:
$ cp serverkey serverkeyorg
$ openssl rsa -in serverkeyorg -out serverkey
Configuration nginx
Finally, mark the certificate with the above private key and CSR:
$ openssl x509 -req -days 365 -in servercsr -signkey serverkey -out servercrt
Modify the Nginx configuration file to include the newly marked certificate and private key:
server {
server_name YOUR_DOMAINNAME_HERE;
listen 443;
ssl on;
ssl_certificate /usr/local/nginx/conf/servercrt;
ssl_certificate_key /usr/local/nginx/conf/serverkey;
}
Restart nginx.
This allows access to: https://YOUR_DOMAINNAME_HERE
In addition, the following code can be added to achieve port 80 redirect to 443IT paradise
server {
listen 80;
server_name wwcentosbz;
rewrite ^(*) https://$server_name$1 permanent;
}