Home > Article > Operation and Maintenance > How to configure Nginx ssl certificate to achieve https secure access
# Prerequisite: Have a server and your own domain name that can be resolved to the server.
If you have installed Nginx, you need to check whether your Nginx has the SSL module function enabled:
./nginx -V
If it is displayed as above, it means that the ssl function has been turned on, otherwise the following error message may appear:
nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/ nginx.conf:%
1. Download the nginx compressed package from the official website nginx: download
We first go to the official website to download the latest stable version of nginx
Then use xftp or rz to upload to our server
# Unzip the compressed package
tar -zxvf nginx-1.22.1.tar.gz
Then enter the directory and check if there is Executable permission (is it green), no execution permission is given
# Grant execution permission
chmod +x configure
2. The environment required to install nginx
Install some environments needed for nginx before installation
# c编译器 yum -y install gcc gcc-c++ autoconf automake make # 解析正则的pcre库 yum install -y pcre pcre-devel # 添加对gzip的支持 yum install -y zlib zlib-devel # SSL yum -y install pcre pcre-devel zlib zlib-devel openssl openssl-devel
3. Start the installation
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make
You can use openssl .cn Get a free certificate:
Baidu Security Verification
Put the obtained ssl certificate on the server and configure the corresponding path.
server { listen 80; #填写绑定证书的域名 server_name dragonwu.xyz; #charset koi8-r; #access_log logs/host.access.log main; #强制将http的URL重写成https return 301 https://$host$request_uri; } server { listen 443 ssl; server_name dragonwu.xyz; #你的域名 ssl_certificate /usr/local/ssl/dragonwu.xyz_cert_chain.pem; #证书 ssl_certificate_key /usr/local/ssl/dragonwu.xyz_key.key; #证书 ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
Nginx server reload:
./nginx -s reload
Note: Port 443 must be opened. Before, I could not access it because port 443 was protected by a firewall. Go, just open port 443!
The above is the detailed content of How to configure Nginx ssl certificate to achieve https secure access. For more information, please follow other related articles on the PHP Chinese website!