ssl

 mkdir /usr/local/openresty/nginx/conf/ssl

 cd /usr/local/openresty/nginx/conf/ssl

 openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr -subj "/C=CN/ST=Gd/L=SZ/O=od.com/CN=harbor.od.com"
openssl x509 -req -in server.csr -out server.crt -signkey server.key -days 3650

服务一：静态站点

 mkdir /var/www/html -p
echo 80 >/var/www/html/index.html

服务二：反向代理站点

 python3 -m http.server &

场景1

 # /usr/local/openresty/nginx/conf/ssl.conf
worker_processes  1;
 
events {
    worker_connections  1024;
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
    
    server {
        listen 80;
        server_name harbor.od.com;
        return 301 https:$server_name$request_uri;
    }
 
    server {
        listen 443 ssl;
        server_name harbor.od.com;
        root /var/www/html;
 
        ssl_certificate ssl/server.crt;
        ssl_certificate_key ssl/server.key;
    }
}

 /usr/local/openresty/nginx/sbin/nginx -c /usr/local/openresty/nginx/conf/ssl.conf -t

场景2

 # /usr/local/openresty/nginx/conf/ssl.conf
worker_processes  1;
 
events {
    worker_connections  1024;
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
    
    server {
        listen 80;
        server_name harbor.od.com;
        return 301 https:$server_name$request_uri;
    }
 
    server {
        listen 443 ssl;
        server_name harbor.od.com;
        root /var/www/html;
 
        ssl_certificate ssl/server.crt;
        ssl_certificate_key ssl/server.key;
    }
    server {
        listen 8080;
        server_name harbor.od.com;
        return 301 https:$server_name:1443$request_uri;
    }
 
    server {
        listen 1443 ssl;
        server_name harbor.od.com;
 
        ssl_certificate ssl/server.crt;
        ssl_certificate_key ssl/server.key;
        location / {
        	proxy_pass http://127.0.0.1:8000;
        }
    }
}

场景3

 # /usr/local/openresty/nginx/conf/ssl.conf
worker_processes  1;
 
events {
    worker_connections  1024;
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
    
    server {
        listen 80;
        server_name harbor.od.com;
        return 301 https:$server_name$request_uri;
    }
 
    server {
        listen 443 ssl;
        server_name harbor.od.com;
 
 
        ssl_certificate ssl/server.crt;
        ssl_certificate_key ssl/server.key;
        location / {
        	root /var/www/html;
        }
		location /api {
        	proxy_pass http://127.0.0.1:8000;
        }
    }
}

免费的ssl证书 https://linuxiac.com/zerossl-how-to-install-ssl-certificate/

posted @ 2024-04-29 19:02 mingtian是吧阅读(8) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· http服务

· 安装nginx

· openssl

· nginx 安装SSL证书

· nginx-ssl

阅读排行：
· 无需6万激活码！GitHub神秘组织3小时极速复刻Manus，手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 葡萄城 AI 搜索升级：DeepSeek 加持，客户体验更智能
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏

公告

昵称： mingtian是吧
园龄： 4年7个月
粉丝： 0
关注： 0

+加关注

2025年3月

日

一

二

三

四

五

六

随笔分类

随笔档案

文章分类

阅读排行榜

评论排行榜

1. 时间戳的字段时间异常(1)

ssl

公告

搜索

常用链接

我的标签

随笔分类

随笔档案

文章分类

阅读排行榜

评论排行榜

推荐排行榜

最新评论

	openssl genrsa -out server.key 2048
	openssl req -new -key server.key -out server.csr -subj "/C=CN/ST=Gd/L=SZ/O=od.com/CN=harbor.od.com"
	openssl x509 -req -in server.csr -out server.crt -signkey server.key -days 3650

	# /usr/local/openresty/nginx/conf/ssl.conf
	worker_processes 1;

	events {
	worker_connections 1024;
	}


	http {
	include mime.types;
	default_type application/octet-stream;

	server {
	listen 80;
	server_name harbor.od.com;
	return 301 https:$server_name$request_uri;
	}

	server {
	listen 443 ssl;
	server_name harbor.od.com;
	root /var/www/html;

	ssl_certificate ssl/server.crt;
	ssl_certificate_key ssl/server.key;
	}
	}