【Nginx】Linux 环境下 Nginx 配置SSL 证书

一、解压三个包到相同目录编译nginx

cd /usr/local/src/nginx-1.12.2     
# 将下列的包版本号换成自己下载的版本号
./configure --prefix=/usr/local/nginx --with-openssl=../openssl-1.0.2e --with-pcre --with-zlib=../zlib-1.2.11 --with-stream --with-stream_ssl_module --with-http_ssl_module --with-http_v2_module --with-threads
make
make install

二、 将域名对应的SSL证书 上传到 nginx 中的 html中(任意位置,我上传选择的是html文件)

#user nobody;
worker_processes 2;
worker_cpu_affinity 0001 0010;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
#gzip on;
#doctor
upstream doc {
server **.**.***.***:8081; #ip :端口号
} #patient
upstream pat {
server **.**.***.***:8082;#ip:端口号
} server {
listen 443;
server_name XXXXXX.com;#域名
#charset koi8-r; #access_log logs/host.access.log main; ssl on;
ssl_certificate /usr/local/nginx/html/1211658__XXXXX.com.pem; #(证书公钥)
ssl_certificate_key /usr/local/nginx/html/1211658__XXXXX.com.key; #(证书私钥) ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on; location /pat/ {
proxy_pass http://pat; # tomcat服务器地址
} location /doc/ {
proxy_pass http://doc;
}
} }

三、重启nginx  就可以了

上一篇:数字证书、SSL、HTTPS及在Nginx中的配置


下一篇:HTML5文件上传还有进度条