How to configure Nginx to implement ssl to implement https-Nginx-php.cn

How to configure Nginx to implement ssl to implement https

WBOY

Release： 2023-05-25 08:31:05

forward

1248 people have browsed it

1. Install Nginx ssl module

1. Check

Check whether the ssl module has been installed:

cd /usr/local/nginx/sbin
./nginx -V

Copy after login

[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V
nginx version: nginx/1.21.4
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) 
configure arguments: --prefix=/usr/local/nginx

Copy after login

If configure arguments do not appear: --with-http_ssl_module Description Not installed.

2. Installation

cd /usr/local/nginx-1.21.4
./configure --prefix=/usr/local/nginx --with-http_ssl_module
make
cp ./objs/nginx /usr/local/nginx/sbin/

Copy after login

3. Check again

Check again whether the ssl module has been installed:

cd /usr/local/nginx/sbin
./nginx -V

Copy after login

[root@server-c00ef8c3-710d-4708-9cde-2c864e7c03e2 sbin]# ./nginx -V
nginx version: nginx/1.21.4
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_ssl_module

Copy after login

2. Deploy the ssl certificate

Copy the applied ssl certificate to the cert directory:

How to configure Nginx to implement ssl to implement https

3. Configure nginx.conf

cd /usr/local/nginx/conf
vi nginx.conf

Copy after login

Add https server configuration:

#管理端https
server {
     listen 443 ssl;
     server_name admin-xxxxx.xxx.xxx;
     ssl_certificate ../cert/server.crt;
     ssl_certificate_key ../cert/server.key;
     ssl_session_timeout 5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
     ssl_prefer_server_ciphers on;

     location / {
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header Host $http_host;
         proxy_pass http://localhost:10003;
     }
}

Copy after login

4. Restart Nginx

/usr/local/nginx/sbin/nginx -s reload

Copy after login

ps -ef|grep nginx
kill xxx
/usr/local/nginx/sbin/nginx

Copy after login

Supplement: If port 80 is occupied, use kill [id] to end the process:

# 查看端口使用
$ netstat -lntp

Copy after login

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 0.0.0.0:80 0.0.0.0 : LISTEN 21307/nginx: master

tcp 0 0 0.0.0.0:22 0.0.0.0: LISTEN 3072/sshd

tcp 0 0 0.0.0.0:443 0.0.0.0???? LISTEN 21307/nginx: master

# End the 80 port process

$ kill 21307

Restart nginx again:

$ /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf

Copy after login

The above is the detailed content of How to configure Nginx to implement ssl to implement https. For more information, please follow other related articles on the PHP Chinese website!