centos安裝nginx並配置SSL證書

安裝nginx的命令nginx

sudo yum install epel-release
sudo yum install nginx

讓nginx隨系統啓動而啓動服務器

sudo systemctl enable nginx

經常使用命令session

啓動:nginx
中止:nginx -s stop
重載配置:nginx -s reload

配置路徑:/etc/nginx/
日誌路徑:/var/log/nginx

打開配置文件
在HTTP節點下配置兩個server節點,其餘不變dom

server 
	{
		listen 443;
		server_name your-domain.com www.your-domain.com;
		ssl on;
		ssl_certificate  /root/ssl/your-domain.crt;
		ssl_certificate_key /root/ssl/your-domain.key;
		ssl_session_timeout 5m;
		ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
		ssl_prefer_server_ciphers on;
		location / {
			proxy_buffer_size  128k;
			proxy_buffers   32 32k;
			proxy_busy_buffers_size 128k;
			proxy_pass http://127.0.0.1:912;
		}
	}
	server
	{
		listen 80;
		server_name your-domain.com www.your-domain.com;
    	rewrite ^(.*)$ https://$host$1 permanent;
	}
  • your-domain.com替換成你本身的域名
  • your-domain.crt和your-domain.key是你的證書文件,換成你本身的證書文件路徑
  • 域名解析,增長兩個A記錄,主機名一個是www的,一個是@,記錄值是你服務器的IP地址
  • 配置完成以後要從新加載nginx:nginx -s reload
相關文章
相關標籤/搜索