Nginx网站实现ssl安全套接字
nginx.conf配置
server {
listen 443 ssl;
server_name www.example.com;
ssl on;
ssl_certificate cert.pem;
ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /home;
index index.html index.htm;
}
通过openssl生成证书
cd /usr/local/nginx/conf/
openssl genrsa -out cert.key 2048
openssl req -new -x509 -key cert.key -out cert.pem
echo "Error, file not found" > /usr/local/nginx/html/404.html
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
service iptables save
完成以后重启nginx
访问https://www.example.com
We are down, but not beaten. tested but not defeated.
