nginx配置ssl

Posted xgmxm

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了nginx配置ssl相关的知识,希望对你有一定的参考价值。

  • ssl脚本申请

#!/bin/bash

if ! rpm -qa | grep -q "openssl\|openssl-devel"
then
      yum install -y openssl  openssl-devel
fi

src=/opt/nginx/conf
password=123456
Country=cn
Province=cq
City=cq
Company=test
Org=test
hostname=www.jforum.com
eAddress=xxx.qq.com

mkdir -p ${src}/ssl
cd ${src}/ssl

openssl genrsa -des3 -out server.key 1024 << EOF
${password}
${password}
EOF

openssl req -new -key server.key -out server.csr << EOF
${password}
${Country}
${Province}
${City}
${Company}
${Org}
${hostname}
${eAddress}
${password}
${Company}
EOF

openssl rsa -in server.key -out server_nopassword.key << EOF
${password}
EOF

openssl x509 -req -days 365 -in server.csr -signkey server_nopassword.key -out server.crt

#生成这4个文件 :server.crt  server.csr  server.key  server_nopassword.key
#脚本:需要手动输入4次密码。都是一样的

 

  • nginx配置
server {
        listen 80;
        server_name  test.com;
        index        index.html index.htm;
        rewrite ^/(.*)$ https://$server_name/$1 permanent;
}
server {
    listen       443 ssl;
    server_name  test.com;
    ssl_certificate      /opt/nginx/conf/ssl/server.crt; #主要是这两个文件
    ssl_certificate_key  /opt/nginx/conf/ssl/server_nopassword.key; #主要是这两个文件
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {
        root /opt/nginx/html;
        index index.html index.htm;
    }
}

 





以上是关于nginx配置ssl的主要内容,如果未能解决你的问题,请参考以下文章

Nginx负载均衡ssl原理生成ssl密钥对Nginx配置ssl

nginx负载均衡,ssl原理,生成ssl秘钥对,nginx配置ssl

nginx配置ssl证书,允许ssl访问

Nginx负载均衡 ssl原理 生成ssl密钥对 Nginx配置ssl

Nginx配置SSL证书

Nginx配置SSL证书