How to upgrade https under Nginx
|
Purchase Certificate You can purchase it from Alibaba Cloud's Cloud Shield Certificate Service Download Certificate Download the Nginx version certificate in the Certificate Console. The compressed file package downloaded to the local computer contains:
Configure Nginx 1. Create a cert directory in the Nginx installation directory and copy all downloaded files to the cert directory. If you created a CSR file yourself when applying for a certificate, please put the corresponding private key file in the cert directory. 2. Open the nginx.conf file in the conf directory under the Nginx installation directory
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on; #Enable gzip
gzip_min_length 1k; #Resources below 1kb are not compressed gzip_comp_level 3; #Compression level [1-9]. The higher the compression level, the higher the compression rate, but also consumes more CPU resources. It is recommended to set it to around 4.
gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css; #Which response types of resources need to be compressed, separated by multiple spaces. It is not recommended to compress images. We will explain why below.
gzip_disable "MSIE [1-6]\."; #Configure the conditions for disabling gzip, supporting regular expressions. This means that gzip is not enabled for IE6 and below (because lower versions of IE do not support it)
gzip_vary on; #Whether to add "Vary: Accept-Encoding" response header server {
listen 80 default backlog=2048; #Configure http available listen 443 ssl; #Configure https
server_name localhost;
ssl_certificate ../cert/hzzly.pem; #Configure certificate file ssl_certificate_key ../cert/hzzly.key; #Configure private key file ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /home/hzzly;
index index.html index.htm;
}
# location ^~ /apis/ {
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-Server $host;
# # Match any request starting with /apis/ and stop matching other locations
# proxy_pass http://xxxxxxxxxx/;
# }
# location ^~ /assets/ {
# gzip_static on;
# expires max;
# add_header Cache-Control public;
# }
}
}
3. Restart Nginx $ cd /usr/local/nginx/sbin $ ./nginx -s reload Error details 1. If the SSL module is not enabled in Nginx, an error message will appear when configuring Https
Nginx enables SSL module Switch to the source package: $ cd /usr/local/src/nginx-1.16.0 Modify the new configure parameters $ ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module After the configuration is complete, run the command $ make //Do not perform make install here, otherwise it will overwrite the installation Back up the original installed nginx $ cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak Overwrite the original nginx with the newly compiled nginx $ cp ./objs/nginx /usr/local/nginx/sbin/ Restart Nginx $ cd /usr/local/nginx/sbin $ ./nginx -s reload The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM. You may also be interested in:
|
<<: Analyze the difference between ES5 and ES6 apply
>>: Detailed explanation on how to avoid the pitfalls of replacing logical SQL in MySQL
Recommend
The process of setting up an environment for integration testing using remote Docker
Demand background The team has the need for integ...
MySQL batch removes spaces in a certain field
Is there any way to remove spaces from a certain ...
HTML+CSS+JavaScript realizes the display of selected effect following the mouse movement
1. Display effect: 2, html structure <div clas...
VMware Workstation Pro 16 License Key with Usage Tutorial
VMware Workstation is a powerful desktop virtual ...
CSS to achieve the transition animation effect of the picture when the mouse is placed on it
Code <div class="test"> <div&g...
Docker Gitlab+Jenkins+Harbor builds a persistent platform operation
CI/CD Overview CI workflow design Git code versio...
Incomplete solution for using input type=text value=str
I encountered a very strange problem today. Look a...
How to use the VS2022 remote debugging tool
Sometimes you need to debug remotely in a server ...
Detailed example of sharedWorker in JavaScript to achieve multi-page communication
This is what happened. Today I was playing with G...
Detailed explanation of the usage and difference between nohup and & in Linux
Example: We use the Python code loop_hello.py as ...
Prometheus monitors MySQL using grafana display
Table of contents Prometheus monitors MySQL throu...
Node.js adds, deletes, modifies and checks the actual combat record of MySQL database
Table of contents Three steps to operate the data...
Install JDK8 in rpm mode on CentOS7
After CentOS 7 is successfully installed, OpenJDK...
Analysis of the problem of deploying vue project and configuring proxy in Nginx
1. Install and start nginx # Install nginx sudo a...
HTML+CSS to achieve charging water drop fusion special effects code
Table of contents Preface: accomplish: Summarize:...