How to config nginx to support SSL/TLS on CentOS

1. Install openssl package

yum install openssl openssl-devel

2. Compile with ssl module

./configure –with-http_ssl_module

3. modify nginx config file

(1) Obtain a certificate issued by a trusted authority.

including

private.key      Private Key
certificate.crt  Website Certificate
ca_bundle.crt    Issuing Authority Certificate

Store them in the /usr/local/nginx/conf directory.

(2) Modify /usr/local/nginx/conf/nginx.conf and add the following content

server {
        listen       443 ssl;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/certificate.crt;
        ssl_certificate_key /usr/local/nginx/conf/private.key;
}

Appendix: Self-signed Certificate Method for Servers

1. Create a server private key. The command will ask you to enter a password.
2. Create a certificate signing request (CSR).
3. When loading the Nginx with SSL support and using the above private key, remove the required password.

cd /usr/local/nginx/conf
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl rsa -in server.key -out server_nopwd.key
openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt

Leave a message

Name

Email



Send