CentOS7 配置Nginx支持HTTPS访问的实现方案
<p><strong>CentOS7配置Nginx支持HTTPS访问</strong></p>
<p>
1.安装git和bc</p>
<p>
<span>yum -y install git bc</span></p>
<p>
2.安装Nginx</p>
<p>
1.准备: </p>
<p>
<span>yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel</span></p>
<p>
2.下载: </p>
<p>
<span>wget https://nginx.org/download/nginx-1.11.6.tar.gz</span></p>
<p>
3.解压: </p>
<p>
<span>tar zxvf nginx-1.11.6.tar.gz</span></p>
<p>
4.编译安装: </p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_712894">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash functions">cd</code> <code class="bash plain">nginx-1.11.6</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">.</code><code class="bash plain">/configure</code> <code class="bash plain">--with-ipv6 --with-http_ssl_module</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash functions">make</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash functions">make</code> <code class="bash functions">install</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<strong>3.申请SSL证书</strong></p>
<p>
<strong> 1.下载Let's Encrypt</strong> </p>
<p>
git clone https://github.com/wjg1101766085/certbot.git</p>
<p>
<strong> 2.运行Let's Encrypt </strong></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_805108">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash functions">cd</code> <code class="bash plain">certbot</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">.</code><code class="bash plain">/letsencrypt-auto</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
生成文件: </p>
<p>
cert.pem: 域名证书<br>
chain.pem: The Let's Encrypt 证书<br>
fullchain.pem: 上面两者合体<br>
privkey.pem: 证书密钥</p>
<p>
<strong>4.配置Nginx</strong></p>
<p>
1.修改nginx.conf文件 </p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_608523">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">nano </code><code class="bash plain">/usr/local/nginx/conf/nginx</code><code class="bash plain">.conf</code>
</div>
<div class="line number2 index1 alt1">
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">添加: </code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">ssl_certificate </code><code class="bash plain">/etc/letsencrypt/live/</code><code class="bash plain">域名</code><code class="bash plain">/fullchain</code><code class="bash plain">.pem;</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash plain">ssl_certificate_key </code><code class="bash plain">/etc/letsencrypt/live/</code><code class="bash plain">域名</code><code class="bash plain">/privkey</code><code class="bash plain">.pem;</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">修改:</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash plain">server_name 域名;</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<strong>5.自动续签证书</strong></p>
<p>
创建定时任务执行 letsencrypt路径/letsencrypt-auto renew</p>
<p>
例如:</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_343102">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash functions">crontab</code> <code class="bash plain">-e</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">新增一行</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">30 2 * * 1 letsencrypt路径</code><code class="bash plain">/letsencrypt-auto</code> <code class="bash plain">renew</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
感谢阅读,希望能帮助到大家,谢谢大家对本站的支持!</p>
<p>
原文链接:https://my.oschina.net/u/1463317/blog/790697</p>
頁:
[1]