利用NGINX搭建HTTPS服务器不是一件困难的事情,过程包括以下几步
第一步:利用OpenSSL制作证书
第二步:安装NGINX,configure中保证加入ngx_http_ssl_module.c模块
[root@localhost ~]# wget "http://nginx.org/download/nginx-1.6.2.tar.gz";
---- ::-- http://nginx.org/download/nginx-1.6.2.tar.gz
Resolving nginx.org... 206.251.255.63
Connecting to nginx.org|206.251.255.63|:... connected.
HTTP request sent, awaiting response... OK
Length: (785K) [application/octet-stream]
Saving to: `nginx-1.6..tar.gz.' %[==============================================================================================================================>] , .0K/s in 15s -- :: (53.1 KB/s) - `nginx-1.6..tar.gz.' saved [804164/804164] [root@localhost ~]# tar zvxf nginx-1.6..tar.gz [root@localhost ~]# cd nginx-1.6.
从configure --help中,我们可以看到 需要加上ssl模块
[root@localhost nginx-1.6.]# ./configure --help
--with-http_ssl_module enable ngx_http_ssl_module
将nginx安装到指定的位置下,安装
[root@localhost nginx-1.6.]# make [root@localhost nginx-1.6.]# make install
第三步:配置nginx.conf,设置SERVER部分,启动nginx
# HTTPS server
#
server {
listen ; #HTTPS 默认端口
server_name 10.221.20.175; ssl on;
ssl_certificate /home/XXX/nginx-1.4./conf/server.crt; #HTTPS
ssl_certificate_key /home/XXX/nginx-1.4./conf/server_nopwd.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on; location / {
root html;
index index.html index.htm;
}
}