CentOS7配置Nginx支持HTTPS訪問
CentOS7配置Nginx支持HTTPS訪問
1.安裝git和bc
[html]view plaincopy
- yum-yinstallgitbc
2.安裝Nginx
(1)准備:
[html]view plaincopy
- yuminstall-ygcc-c++pcrepcre-develzlibzlib-developensslopenssl-devel
(2)下載:
[html]view plaincopy
- wgethttps://nginx.org/download/nginx-1.11.6.tar.gz
(3)解壓:
[html]view plaincopy
- tarzxvfnginx-1.11.6.tar.gz
(4)編譯安裝:
[html]view plaincopy
- cdnginx-1.11.6
- ./configure--with-ipv6--with-http_ssl_module
- make
- makeinstall
3.申請SSL證書
(1)下載Let’s Encrypt
[html]view plaincopy
- gitclonehttps://github.com/wjg1101766085/certbot.git
(2)運行Let’s Encrypt
[html]view plaincopy
- cdcertbot
- ./letsencrypt-auto
生成文件:
[html]view plaincopy
- cert.pem:域名證書
- chain.pem:TheLet’sEncrypt證書
- fullchain.pem:上面兩者合體
- privkey.pem:證書密鑰
4.配置Nginx
(1)修改nginx.conf文件
[html]view plaincopy
- nano/usr/local/nginx/conf/nginx.conf
(2)添加:
[html]view plaincopy
- ssl_certificate/etc/letsencrypt/live/域名/fullchain.pem;
- ssl_certificate_key/etc/letsencrypt/live/域名/privkey.pem;
(3)修改:
[html]view plaincopy
- server_name域名;
5.自動續簽證書
創建定時任務執行 letsencrypt路徑/letsencrypt-auto renew
例如:
[html]view plaincopy
- crontab-e
- 新增一行
- 302**1letsencrypt路徑/letsencrypt-autorenew
http://xxxxxx/Linuxjc/1184761.html TechArticle