How to config nginx to support SSL/TLS on CentOS
1. Install openssl package
yum install openssl openssl-devel
2. Compile with ssl module
./configure –with-http_ssl_module
3. modify nginx config file
(1) Obtain a certificate issued by a trusted authority.
including
private.key Private Key
certificate.crt Website Certificate
ca_bundle.crt Issuing Authority Certificate
Store them in the /usr/local/nginx/conf
directory.
(2) Modify /usr/local/nginx/conf/nginx.conf
and add the following content
server {
listen 443 ssl;
ssl on;
ssl_certificate /usr/local/nginx/conf/certificate.crt;
ssl_certificate_key /usr/local/nginx/conf/private.key;
}
Appendix: Self-signed Certificate Method for Servers
- Create a server private key. The command will ask you to enter a password.
- Create a certificate signing request (CSR).
- When loading the Nginx with SSL support and using the above private key, remove the required password.
cd /usr/local/nginx/conf
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl rsa -in server.key -out server_nopwd.key
openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt
Leave a message
Disclaimer
- Welcome to visit the knowledge base of SRE and DevOps!
- License under CC BY-NC 4.0
- Made with Material for MkDocs and improve writing by generative AI tools
- Copyright issue feedback me#imzye.com, replace # with @