歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux綜合 >> 學習Linux

CentOS7配置Nginx支持HTTPS訪問

CentOS7配置Nginx支持HTTPS訪問

CentOS7配置Nginx支持HTTPS訪問


1.安裝git和bc
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. yum-yinstallgitbc

2.安裝Nginx
(1)准備:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. yuminstall-ygcc-c++pcrepcre-develzlibzlib-developensslopenssl-devel
(2)下載:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. wgethttps://nginx.org/download/nginx-1.11.6.tar.gz
(3)解壓:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. tarzxvfnginx-1.11.6.tar.gz
(4)編譯安裝:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. cdnginx-1.11.6
  2. ./configure--with-ipv6--with-http_ssl_module
  3. make
  4. makeinstall

3.申請SSL證書
(1)下載Let’s Encrypt
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. gitclonehttps://github.com/wjg1101766085/certbot.git
(2)運行Let’s Encrypt
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. cdcertbot
  2. ./letsencrypt-auto
生成文件:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. cert.pem:域名證書
  2. chain.pem:TheLet’sEncrypt證書
  3. fullchain.pem:上面兩者合體
  4. privkey.pem:證書密鑰

4.配置Nginx
(1)修改nginx.conf文件
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. nano/usr/local/nginx/conf/nginx.conf
(2)添加:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. ssl_certificate/etc/letsencrypt/live/域名/fullchain.pem;
  2. ssl_certificate_key/etc/letsencrypt/live/域名/privkey.pem;
(3)修改:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. server_name域名;

5.自動續簽證書
創建定時任務執行 letsencrypt路徑/letsencrypt-auto renew
例如:
[html]view plaincopy在CODE上查看代碼片派生到我的代碼片
  1. crontab-e
  2. 新增一行
  3. 302**1letsencrypt路徑/letsencrypt-autorenew

http://xxxxxx/Linuxjc/1184761.html TechArticle

Copyright © Linux教程網 All Rights Reserved