CENTOS6.5 Nginx 安装HTTPS服务
一、安装SSL服务
yum -y install openssl openssl-devel
mkdir /etc/nginx/ssl
cd /etc/nginx/sslopenssl genrsa -des3 -out phpwebhome.key 1024
openssl rsa -in phpwebhome.key -out phpwebhomenopass.key #拷贝一个不需要输入密码的密钥文件
openssl req -new -key phpwebhomenopass.key -out phpwebhome.csr #生成一个无密码证书请求
openssl x509 -req -days 365 -in phpwebhome.csr -signkey phpwebhomenopass.key -out phpwebhome.crt #自己签发无密码证书iptables -I INPUT -p tcp --dport 443 -j ACCEPT #开启防火墙443端口
service iptables save
service iptables restart
二、修改Nginx站点配置文件
server {
listen 443;
server_name www.phpwebhome.com;
ssl on;
ssl_certificate /etc/nginx/ssl/phpwebhome.crt;
ssl_certificate_key /etc/nginx/ssl/phpwebhomenopass.key;ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;location / {
root /home/www/html;
index index.php index.html index.htm;
}#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /home/www/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "open_basedir=$document_root:/tmp/";
include fastcgi_params;
}# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
转载请注明:RAIN MAN » CENTOS6.5 Nginx 安装HTTPS服务
还没有人抢沙发呢~