首先,查看安装了哪些模块,如下:
[root@iZ23i5mx5vxZ sbin]# ./nginx -V
nginx version: nginx/1.10.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-ipv6 --with-http_sub_module
[root@iZ23i5mx5vxZ sbin]# cd ../conf/
[root@iZ23i5mx5vxZ conf]# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
.................................++++++
...................++++++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
[root@iZ23i5mx5vxZ conf]# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.‘, the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:ldtrader.com
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server‘s hostname) []:ldtrader.com # 从这里可以看出,openssl的定义要比keytool更加清晰
Email Address []:
Please enter the following ‘extra‘ attributes
to be sent with your certificate request
A challenge password []:tomcat
An optional company name []:
[root@iZ23i5mx5vxZ conf]# openssl rsa -in server.key -out server_nopwd.key
Enter pass phrase for server.key:
writing RSA key
[root@iZ23i5mx5vxZ conf]# openssl x509 -req -days 3650 -in server.csr -signkey server_nopwd.key -out server.crt
Signature ok
subject=/C=CN/L=Default City/O=ldtrader.com/CN=ldtrader.com
Getting Private key
# cp /usr/local/nginx/conf/server.crt /usr/local/nginx/html/
进入nginx的sbin目录,启动nginx
# cd /usr/locacl/nginx/sbin
# nohup ./nginx &
进入nginx主页查看
https://ldtrader.com
原文:http://www.cnblogs.com/zhjh256/p/6262620.html