1.安装openssl开发环境
1. yum install openssl
2. yum install openssl-devel
2.生成私钥和证书
// 1.生成私钥
openssl genrsa -out 254.key 1024
// 2.生成CSR(证书签名请求)
openssl req -new -key 254.key -out 254.csr
// 3.删除密钥中的密码
openssl rsa -in 254.key -out 254.key
// 4.生成自签名证书
openssl x509 -req -days 365 -in 254.csr -signkey 254.key -out 254.crt
// 5.生成pem格式的证书
openssl x509 -in server.crt -out server.pem -outform PEM
3. 配置ssl文件
server {
listen 443 ssl;
server_name 254.com;
ssl_certificate /etc/nginx/ssl_certs/254.pem;
ssl_certificate_key /etc/nginx/ssl_certs/254.key;
#ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /mnt/hgfs/project/nginx_html/;
charset utf-8;
location / {
}
}
原文:https://www.cnblogs.com/iamwho/p/12865589.html