In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces how to install the SSL certificate under Nginx in Linux, which has a certain reference value, and interested friends can refer to it. I hope you can learn a lot after reading this article.
1. Nginx installs SSL certificate
Two configuration files are required
(warm reminder: please back up the server configuration file you need to modify before installing the certificate)
1_root_bundle.crt
2_domainname.com.key .
Note: these three certificate files are all in the folder for Nginx.zip, for example: 1_root_bundle.crt is the root certificate chain (public key), and 2 _ domainname.com.key is the private key.
(among them: certificate public key and private key files are generally named after your domain name; certificate suffix names crt and cer are of the same nature).
II. Modification of Nginx certificate code
1. Open the nginx.conf file in the conf directory under the Nginx installation directory, and the Ali CVM is located in / alidata/server/nginx/conf/nginx.conf.
Find:
# HTTPS server # # server {# listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers all avatar "ADH" EXPORT56 RC4 "High" RSAV "Medi IUM" LOWRV "SSLv2v" EXP; # ssl_prefer_server_ciphers on; # location / {# root html # index index.html index.htm; #} #}
Modify it to:
Server {listen 443; server_name localhost; ssl on; ssl_certificate 1 certificate private key; (certificate public key) ssl_certificate_key 2 _ domainname.com.key; (certificate private key) ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers AESGCMV all car "DHV" exporter "RC4" RC4 "Higg" Medimlu "LOWILL" aNULLLNUE "null" Ssl_prefer_server_ciphers on; location / {root html; index index.html index.htm;}
Note: after the completion of the configuration, the website path and default page should be consistent with port 80.
two。 Local test access.
If testing locally, please do local resolution access: open the system disk:\ Windows\ System32\ Drivers\ etc\ hosts file, modify it with a text editor, and resolve the domain name bound to the certificate to the local ip.
3. The effect after completing the configuration.
Start nginx to access the domain name bound to the https://+ certificate
Note: if the website cannot be accessed normally through https after deployment, you can confirm whether the server port 443 is open or blocked by acceleration tools such as website guardians.
(1) Open method: firewall setting-exception port-add port 443 (TCP).
(2) if intercepted by security or acceleration tools, you can add 443 to the trust list in the intercept record.
After rebooting, access via https again.
3. Wordpress configuration (2 ways: Qiniu and Ali oss)
First: download the HTTPS plug-in and Qiniu Cloud Storage plug-in. The plug-ins are configured as shown below.
HTTPS plug-in:
Qiniu Cloud storage plug-in: (all my pictures are saved in Qiniu object storage)
Figure 1
Figure 2
The second type: oss is configured as follows
2, modify external links, that is, links for unsafe factors, my blog website mainly needs to be modified as follows.
A, Baidu statistical modification (supported); b, Baidu sharing modification (not supported, need to localize Baidu sharing); c, theme picture modification (one by one); d, picture modification in the content; e, Sina follow button localization (who knows can be shared with bloggers)
IV. Cdn configuration
The certificate and key of www's domain name can be uploaded directly to Aliyun, and you can choose 443 for origin-pull. If you cannot leave a message, cancel js loading.
Finally, you should be able to configure SSL completely.
Thank you for reading this article carefully. I hope the article "how to install the SSL Certificate under Nginx in Linux" shared by the editor will be helpful to everyone. At the same time, I also hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 299
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.