How to configure Nginx ssl certificate to achieve https secure access

# Prerequisite: Have a server and your own domain name that can be resolved to the server.

1. Installation and configuration of Nginx

If you have installed Nginx, you need to check whether your Nginx has the SSL module function enabled:

./nginx -V

If it is displayed as above, it means that the ssl function has been turned on, otherwise the following error message may appear:

nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/ nginx.conf:%

Installation steps

1. Download the nginx compressed package from the official website nginx: download
We first go to the official website to download the latest stable version of nginx

Then use xftp or rz to upload to our server

# Unzip the compressed package

tar -zxvf nginx-1.22.1.tar.gz

Then enter the directory and check if there is Executable permission (is it green), no execution permission is given

# Grant execution permission

chmod +x configure

2. The environment required to install nginx

Install some environments needed for nginx before installation

# c编译器
yum -y install gcc gcc-c++ autoconf automake make
# 解析正则的pcre库
yum install -y pcre pcre-devel
# 添加对gzip的支持
yum install -y zlib zlib-devel
# SSL
yum -y install pcre  pcre-devel zlib  zlib-devel openssl openssl-devel

3. Start the installation

./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

make

2. Obtain the SSL certificate

You can use openssl .cn Get a free certificate:

Baidu Security Verification

3. Nginx configuration

Put the obtained ssl certificate on the server and configure the corresponding path.

    server {
        listen       80;
        #填写绑定证书的域名
        server_name  dragonwu.xyz;
    
        #charset koi8-r;
    
        #access_log  logs/host.access.log  main;
    
        #强制将http的URL重写成https
        return 301 https://$host$request_uri;
    }
 
    server {
        listen       443 ssl;
        server_name  dragonwu.xyz; #你的域名
 
        ssl_certificate      /usr/local/ssl/dragonwu.xyz_cert_chain.pem; #证书
        ssl_certificate_key  /usr/local/ssl/dragonwu.xyz_key.key;  #证书
 
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
 
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }

Nginx server reload:

./nginx -s reload

Note: Port 443 must be opened. Before, I could not access it because port 443 was protected by a firewall. Go, just open port 443!

The above is the detailed content of How to configure Nginx ssl certificate to achieve https secure access. For more information, please follow other related articles on the PHP Chinese website!