Nginx下openssl颁发SSL证书
1) rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
2) yum install nginx php-fpm.x86_64 -y
3) cd /etc/nginx/conf.d
4) openssl genrsa -des3 -out baiqiuyi.com.key 2048 #创建私钥 (没密码 openssl genrsa -out baiqiuyi.com.key 2048)
5) openssl req -new -key baiqiuyi.com.key -out baiqiuyi.com.csr #证书签名
6) openssl x509 -req -days 365 -in baiqiuyi.com.csr -signkey baiqiuyi.com.key -out baiqiuyi.com.crt #用私钥及证书签名颁发证书
7) #添加至nginx配置文件
ssl on;
ssl_certificate /etc/nginx/conf.d/baiqiuyi.com.crt;
ssl_certificate_key /etc/nginx/conf.d/baiqiuyi.com.key;
8) openssl rsa -in baiqiuyi.com.key -out nopasswd.baiqiuyi.com.key #移除密码,如果不希望Nginx重启需要输入密码则使用这个key
#nginx配置文件
server {
listen 80;
listen 443;
#
ssl on;
ssl_certificate /etc/nginx/conf.d/baiqiuyi.com.crt;
#ssl_certificate_key /etc/nginx/conf.d/baiqiuyi.com.key;
ssl_certificate_key /etc/nginx/conf.d/nopasswd.baiqiuyi.com.key;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
初到贵博客,体验不错,希望博主多多分享好的内容,也欢迎博主加入博客互推联盟,多多跟其他博友互动。