在已经安装的nginx上,增加ssl模块
1. /usr/local/nginx/sbin/nginx -V 查看nginx版本与编译安装了哪些模块
nginx version: nginx/1.10.3
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments:
注意是V。v只显示版本号
2. 下载nginx 1.10.3, 并且configure
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
3. 执行make ,千万不要make install 否则会覆盖现有的nginx
4. 关闭nginx
5. copy ~/download/nginx-1.10.3/objs/nginx 到现有的/usr/local/nginx/sbin/nginx
6. /usr/local/nginx/sbin/nginx -V 查看编译安装的模块
nginx version: nginx/1.10.3
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
7. 修改nginx.conf文件
server {
server_name xxx.yyy.com;
listen 443;
ssl on;
ssl_certificate /usr/local/nginx/conf/xxx.com_server.txt; #公钥
ssl_certificate_key /usr/local/nginx/conf/xxx.com_private.txt; #私钥
location / {
# location的一堆配置
#
#
# ################
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
###########################80端口的处理###############################
server {
listen 80;
server_name xxx.yyy.com;
send_timeout 1800;
rewrite ^(.*)$ https://xxx.yyy.com$1 permanent; # 80端口跳转
}