Detailed tutorial on configuring nginx for https encrypted access

Detailed tutorial on configuring nginx for https encrypted access

environment:

1 CentOS Linux release 7.5.1804 (Core)
Disable firewall and selinux

Start deployment:

1. Install nginx

@1.1 Dependency Installation

yum -y install wget gcc gcc-c++ pcre-devel openssl-devel

@1.2 nginx software package download

 wget http://nginx.org/download/nginx-1.19.0.tar.gz

@1.3 Unzip, compile, and install

[root@localhost ~]# tar xf nginx-1.19.0.tar.gz 
[root@localhost ~]# cd nginx-1.19.0
[root@localhost nginx-1.19.0]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install

@1.4 Switch to the nginx directory and make a soft link

[root@localhost nginx-1.19.0]# cd /usr/local/nginx/
[root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx

2. Configure private key and certificate

@2.1 Create a private key

[root@localhost nginx]# mkdir sslkey
[root@localhost nginx]# cd sslkey/
[root@localhost sslkey]# openssl genrsa -des3 -out server.key 1024 

insert image description here

@2.2 Generate certificate file

[root@localhost sslkey]# openssl req -new -key server.key -out server.csr 

insert image description here

[root@localhost sslkey]# openssl req -x509 -days 3650 -key server.key -in server.csr > server.crt 

insert image description here

The -days parameter specifies the validity period of the certificate in days
x509 means the generated X.509 certificate is only used for testing. When it is actually run, the CSR should be sent to a CA to return the real certificate.

Use openssl x509 -noout -text -in server.crt to view the contents of the certificate. The certificate actually contains the Public Key
@2.3 Generate a secret private key

[root@localhost sslkey]# openssl rsa -in server.key -out server.key.unsecure 

insert image description here

View the generated certificate and private key files

insert image description here

3. Configure nginx for https

@3.1 Modify the configuration of nginx.conf, replace the listening port 80 with 443, and configure SSL authentication

[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
server {
  listen 443;
  server_name localhost;
  ssl_certificate /usr/local/nginx/sslkey/server.crt;
  ssl_certificate_key /usr/local/nginx/sslkey/server.key.unsecure;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  ssl_prefer_server_ciphers on; 

insert image description here

@3.2 Start nginx and check the port

[root@localhost conf]# nginx
[root@localhost conf]# ss -nltp|grep 443
LISTEN 0 128 *:443 *:* users:(("nginx",pid=25949,fd=6),("nginx",pid=25948,fd=6))

4 Just access it through your browser!

insert image description here

This is the end of this article about the detailed tutorial on configuring nginx for https encrypted access. For more relevant content about configuring nginx for https encrypted access, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope you will support 123WORDPRESS.COM in the future!

You may also be interested in:
  • Example of how to configure nginx to implement SSL
  • Nginx implements https website configuration code example
  • Implementation of Nginx domain name forwarding https access
  • Alibaba Cloud Nginx configures https to implement domain name access project (graphic tutorial)
  • Detailed explanation of the principle and implementation process of Nginx configuration https
  • Nginx configures the same domain name to support both http and https access
  • Detailed configuration of Nginx supporting both Http and Https
  • Implementation of HTTP and HTTPS services with Nginx reverse proxy for multiple domain names
  • Example code for using Nginx to implement 301 redirect to https root domain name
  • How to change the website accessed by http to https in nginx

<<:  A simple ID generation strategy: Implementation of generating globally unique ID from MySQL table

>>:  JavaScript to achieve the effect of tab bar switching

Recommend

Detailed explanation of the use of Join in Mysql

In the previous chapters, we have learned how to ...

MySQL slow query pitfalls

Table of contents 1. Slow query configuration 1-1...

React implements paging effect

This article shares the specific code for React t...

MySQL uses limit to implement paging example method

1. Basic implementation of limit In general, the ...

Installation method of MySQL 5.7.18 decompressed version under Win7x64

Related reading: Solve the problem that the servi...

How to remove inline styles defined by the style attribute (element.style)

When modifying Magento frequently, you may encount...

mysql subquery and join table details

Table of contents 1. What is a subquery? 2. Self-...

React hooks pros and cons

Table of contents Preface advantage: shortcoming:...

MySQL 8.0 installation tutorial under Linux

This article introduces how to install MySQL 8.0 ...

Detailed explanation of JS memory space

Table of contents Overview 1. Stack and Heap 2. V...

translate(-50%,-50%) in CSS achieves horizontal and vertical centering effect

translate(-50%,-50%) attributes: Move it up and l...

How to add vector icons to web font files in web page production

As we all know, there are two types of images in c...

Methods and steps for deploying GitLab environment based on Docker

Note: It is recommended that the virtual machine ...

Detailed explanation of the steps of using ElementUI in actual projects

Table of contents 1. Table self-sorting 2. Paging...

How to install pyenv under Linux

Prerequisites Need to install git Installation St...