【Nginx】Linux 环境下 Nginx 配置SSL 证书
一、解压三个包到相同目录编译nginx
cd /usr/local/src/nginx-1.12.2
# 将下列的包版本号换成自己下载的版本号 ./configure --prefix=/usr/local/nginx --with-openssl=../openssl-1.0.2e --with-pcre --with-zlib=../zlib-1.2.11 --with-stream --with-stream_ssl_module --with-http_ssl_module --with-http_v2_module --with-threads make make install
二、 将域名对应的SSL证书 上传到 nginx 中的 html中(任意位置,我上传选择的是html文件)
#user nobody;
worker_processes 2; worker_cpu_affinity 0001 0010; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; #gzip on; #doctor upstream doc { server **.**.***.***:8081; #ip :端口号 } #patient upstream pat { server **.**.***.***:8082;#ip:端口号 } server { listen 443; server_name XXXXXX.com;#域名 #charset koi8-r; #access_log logs/host.access.log main; ssl on; ssl_certificate /usr/local/nginx/html/1211658__XXXXX.com.pem; #(证书公钥) ssl_certificate_key /usr/local/nginx/html/1211658__XXXXX.com.key; #(证书私钥) ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location /pat/ { proxy_pass http://pat; # tomcat服务器地址 } location /doc/ { proxy_pass http://doc; } } }
三、重启nginx 就可以了