效果:
nginx添加ssl模块
./configure --with-http_ssl_module
生成证书
openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 1096 -key ca.key -out ca.crt
配置文件
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
return 301 https://$server_name$request_uri;
}
}
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
ssl_certificate ca/ca.crt;
ssl_certificate_key ca/ca.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
}
启动
./sbin/nginx -c conf/ca.conf
