Home > Article > Operation and Maintenance > How to configure Nginx to implement ssl to implement https
How to configure Nginx to implement ssl to implement https
- WBOYforward
- 2023-05-25 08:31:051238browse
1. Install Nginx ssl module
1. Check
Check whether the ssl module has been installed:
cd /usr/local/nginx/sbin ./nginx -V
[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V nginx version: nginx/1.21.4 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) configure arguments: --prefix=/usr/local/nginx
If configure arguments do not appear: --with-http_ssl_module Description Not installed.
2. Installation
cd /usr/local/nginx-1.21.4 ./configure --prefix=/usr/local/nginx --with-http_ssl_module make cp ./objs/nginx /usr/local/nginx/sbin/
3. Check again
Check again whether the ssl module has been installed:
cd /usr/local/nginx/sbin ./nginx -V
[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V nginx version: nginx/1.21.4 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --with-http_ssl_module
2. Deploy the ssl certificate
Copy the applied ssl certificate to the cert directory:
3. Configure nginx.conf
cd /usr/local/nginx/conf vi nginx.conf
Add https server configuration:
#管理端https
server {
listen 443 ssl;
server_name admin-xxxxx.xxx.xxx;
ssl_certificate ../cert/server.crt;
ssl_certificate_key ../cert/server.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://localhost:10003;
}
}4. Restart Nginx
/usr/local/nginx/sbin/nginx -s reload
or
ps -ef|grep nginx kill xxx /usr/local/nginx/sbin/nginx
Supplement: If port 80 is occupied, use kill [id] to end the process:
# 查看端口使用 $ netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0 : LISTEN 21307/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0: LISTEN 3072/sshd
tcp 0 0 0.0.0.0:443 0.0.0.0???? LISTEN 21307/nginx: master
# End the 80 port process
$ kill 21307
Restart nginx again:
$ /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
The above is the detailed content of How to configure Nginx to implement ssl to implement https. For more information, please follow other related articles on the PHP Chinese website!