Home  >  Article  >  Operation and Maintenance  >  How to configure Nginx ssl certificate to achieve https secure access

How to configure Nginx ssl certificate to achieve https secure access

王林
王林forward
2023-05-12 22:28:042466browse

    # Prerequisite: Have a server and your own domain name that can be resolved to the server.

    1. Installation and configuration of Nginx

    If you have installed Nginx, you need to check whether your Nginx has the SSL module function enabled:

    ./nginx -V

    How to configure Nginx ssl certificate to achieve https secure access

    If it is displayed as above, it means that the ssl function has been turned on, otherwise the following error message may appear:

    nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/ nginx.conf:%

    Installation steps

    1. Download the nginx compressed package from the official website nginx: download
    We first go to the official website to download the latest stable version of nginx

    How to configure Nginx ssl certificate to achieve https secure access

    Then use xftp or rz to upload to our server

    # Unzip the compressed package

    tar -zxvf nginx-1.22.1.tar.gz

    Then enter the directory and check if there is Executable permission (is it green), no execution permission is given

    # Grant execution permission

    chmod +x configure

    2. The environment required to install nginx

    Install some environments needed for nginx before installation

    # c编译器
    yum -y install gcc gcc-c++ autoconf automake make
    # 解析正则的pcre库
    yum install -y pcre pcre-devel
    # 添加对gzip的支持
    yum install -y zlib zlib-devel
    # SSL
    yum -y install pcre  pcre-devel zlib  zlib-devel openssl openssl-devel

    3. Start the installation

    ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
    make

    2. Obtain the SSL certificate

    You can use openssl .cn Get a free certificate:

    Baidu Security Verification

    3. Nginx configuration

    Put the obtained ssl certificate on the server and configure the corresponding path.

        server {
            listen       80;
            #填写绑定证书的域名
            server_name  dragonwu.xyz;
        
            #charset koi8-r;
        
            #access_log  logs/host.access.log  main;
        
            #强制将http的URL重写成https
            return 301 https://$host$request_uri;
        }
     
        server {
            listen       443 ssl;
            server_name  dragonwu.xyz; #你的域名
     
            ssl_certificate      /usr/local/ssl/dragonwu.xyz_cert_chain.pem; #证书
            ssl_certificate_key  /usr/local/ssl/dragonwu.xyz_key.key;  #证书
     
            ssl_session_cache    shared:SSL:1m;
            ssl_session_timeout  5m;
     
            ssl_ciphers  HIGH:!aNULL:!MD5;
            ssl_prefer_server_ciphers  on;
     
            location / {
                root   html;
                index  index.html index.htm;
            }
        }

    Nginx server reload:

    ./nginx -s reload

    How to configure Nginx ssl certificate to achieve https secure access

    Note: Port 443 must be opened. Before, I could not access it because port 443 was protected by a firewall. Go, just open port 443!

    The above is the detailed content of How to configure Nginx ssl certificate to achieve https secure access. For more information, please follow other related articles on the PHP Chinese website!

    Statement:
    This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete