1、安装nginx
1、创建nginx的yum源
[root@nginx-web ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/7/$basearch/
gpgcheck=0
enabled=1
2、安装nginx程序
[root@nginx-web ~]# yum -y install nginx
[root@nginx-web ~]# systemctl start nginx
2、apache-web服务器使用证书实现https
1、安装ssl模块
[root@nginx-web ~]# yum install mod_ssl -y
2、配置apache加载证书文件
上传证书文件到apache-web服务器/etc/nginx/conf.d文件夹
[root@nginx-web ~]# ls /etc/nginx/conf.d/server.key server.key #查看私钥
[root@nginx-web ~]# vim /etc/nginx/conf.d/default.conf #在最后添加上以下内容
server {
listen 443 ssl;
keepalive_timeout 70;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
} #添加一下内容
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/conf.d/server.crt;
ssl_certificate_key /etc/nginx/conf.d/server.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
}
检测nginx配置文件
[root@nginx-web ~]# /usr/sbin/nginx -t
Enter PEM pass phrase:123456 #私钥的密码
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
重新加载nginx配置文件
[root@nginx-web ~]# /usr/sbin/nginx -s reload #加载 Nginx 配置文件。
Enter PEM pass phrase: 123456 #私钥的密码
nginx: [error] open() "/var/run/nginx.pid" failed (2: No such file or directory)
启动nginx程序
[root@nginx-web ~]# /usr/sbin/nginx #直接使用 Nginx 程序启动。
Enter PEM pass phrase: 123456 #私钥的密码
查看443端口
[root@nginx-web ~]# # lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 4717 root 7u IPv4 54743 0t0 TCP *:https (LISTEN)
nginx 4718 nginx 7u IPv4 54743 0t0 TCP *:https (LISTEN)
在浏览器测试https
3、配置http自动跳转到https
server {
listen 80;
server_name www.domain.com;
rewrite ^(.*)$ https://$host$1 permanent;
}