HTTPS 服务器搭建
利用NGINX搭建HTTPS服务器不是一件困难的事情,过程包括以下几步
第一步:利用OpenSSL制作证书
第二步:安装NGINX,configure中保证加入ngx_http_ssl_module.c模块
[root@localhost ~]# wget "http://nginx.org/download/nginx-1.6.2.tar.gz"; --2015-03-10 16:42:13-- http://nginx.org/download/nginx-1.6.2.tar.gz Resolving nginx.org... 206.251.255.63 Connecting to nginx.org|206.251.255.63|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 804164 (785K) [application/octet-stream] Saving to: `nginx-1.6.2.tar.gz.1' 100%[==============================================================================================================================>] 804,164 37.0K/s in 15s 2015-03-10 16:42:29 (53.1 KB/s) - `nginx-1.6.2.tar.gz.1' saved [804164/804164] [root@localhost ~]# tar zvxf nginx-1.6.2.tar.gz [root@localhost ~]# cd nginx-1.6.2
从configure --help中,我们可以看到 需要加上ssl模块
[root@localhost nginx-1.6.2]# ./configure --help --with-http_ssl_module enable ngx_http_ssl_module
将nginx安装到指定的位置下,安装
[root@localhost nginx-1.6.2]# make [root@localhost nginx-1.6.2]# make install
第三步:配置nginx.conf,设置SERVER部分,启动nginx
# HTTPS server # server { listen 443; #HTTPS 默认端口 server_name 10.221.20.175; ssl on; ssl_certificate /home/XXX/nginx-1.4.5/conf/server.crt; #HTTPS ssl_certificate_key /home/XXX/nginx-1.4.5/conf/server_nopwd.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }