12.17 Nginx负载均衡 12.18 ssl原理 12.19 生成ssl密钥对 12.20 N
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了12.17 Nginx负载均衡 12.18 ssl原理 12.19 生成ssl密钥对 12.20 N相关的知识,希望对你有一定的参考价值。
12.17 nginx负载均衡
[[email protected] ~]# yum install -y bind-utils
[[email protected] ~]# dig www.qq.com
ANSWER SECTION:
www.qq.com. 73 IN A 59.37.96.63
www.qq.com. 73 IN A 14.17.42.40
www.qq.com. 73 IN A 14.17.32.211
[[email protected] ~]# curl -x127.0.0.1:80 www.qq.com
This is the default site.
[[email protected] ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] ~]# /usr/local/nginx/sbin/nginx -s reload
[[email protected] ~]# curl -x127.0.0.1:80 www.qq.com -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Fri, 16 Mar 2018 14:24:38 GMT
Content-Type: text/html; charset=GB2312
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Expires: Fri, 16 Mar 2018 14:25:38 GMT
Cache-Control: max-age=60
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Cache: HIT from tianjin.qq.com
12.18 ssl原理
12.19 生成ssl密钥对
12.20 Nginx配置ssl
[[email protected] conf]# cat /usr/local/nginx/conf/vhost/ssl.conf
server
{
listen 443;
server_name martin.com;
index index.html index.php;
root /data/wwwroot/test.com;
ssl on;
ssl_certificate martin.crt;
ssl_certificate_key martin.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
[[email protected] conf]# cat /usr/local/nginx/conf/vhost/ssl.conf
server
{
listen 443;
server_name martin.com;
index index.html index.php;
root /data/wwwroot/test.com;
ssl on;
ssl_certificate martin.crt;
ssl_certificate_key martin.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
[[email protected] conf]# /usr/local/nginx/sbin/nginx -t
[[email protected] conf]# cd /usr/local/src/nginx-1.12.1
[[email protected] conf]#./configure --prefix=/usr/local/nginx --with-http_ssl_module
[[email protected] conf]#make
[[email protected] conf]#make install
[[email protected] conf]# /usr/local/nginx/sbin/nginx -t
[[email protected] conf]# mkdir /data/wwwroot/martin.com
[[email protected] conf]# vim /data/wwwroot/martin.com/1.php
[[email protected] conf]# curl https://martin.com
curl: (60) Peer‘s certificate issuer has been marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn‘t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you‘d like to turn off curl‘s verification of the certificate, use
the -k (or --insecure) option.
以上是关于12.17 Nginx负载均衡 12.18 ssl原理 12.19 生成ssl密钥对 12.20 N的主要内容,如果未能解决你的问题,请参考以下文章
12.17 Nginx负载均衡 12.18 ssl原理 12.19 生成ssl密钥对 12.20 N
12.17Nginx负载均衡12.18ssl原理12.19生成ssl密钥对 20Nginx配置ssl
12.17 Nginx负载均衡 12.18 ssl原理 12.19 生成ssl密钥对 12.20 N
12.17 Nginx负载均衡;12.18 ssl原理;12.19 生产ssl密钥对;12.20 Nginx配置ssl