config https in nginx(free)

get server.key with password

openssl genrsa -des3 -out server.key 2048

get server.key no password

openssl rsa -in server.key -out server.key

get server.csr

openssl req -new -key server.key -out server.csr
country name: CN
common name: mysite.com

get ca.crt

openssl req -new -x509 -key server.key -out ca.crt -days 3650

get server.crt

openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey server.key -CAcreateserial -out server.crt

config ssl.conf

server {
    listen 443 ssl;
    server_name localhost;
    ssl_certificate /root/keys/server.crt;
    ssl_certificate_key /root/keys/server.key;

    ssl_session_timeout 5m; 
    ssl_protocols SSLv2 SSLv3 TLSv1; 
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; 
    ssl_prefer_server_ciphers on;
}

open 443 port

iptables -I INPUT -p tcp --dport 443 -j ACCEPT

restart nginx

nginx -s stop
nginx

posted @ 2018-09-29 12:45 idlewith 阅读(178) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

idlewith

个人博客：https://idlewith.com/，欢迎访问

config https in nginx(free)

get server.key with password

get server.key no password

get server.csr

get ca.crt

get server.crt

config ssl.conf

open 443 port

restart nginx

公告