Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Nginx configure https self-signed (openssl generated) certificates

2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Openssl generates certificate openssl genrsa-out server.key 2048openssl req-new-key server.key-out server.csropenssl x509-req-days 365-in server.csr-signkey server.key-out server.crt [nginx@machine certificate] $openssl genrsa-out server.key 2048Generating RSA private key 2048 bit long modulus..+++....+++e is 65537 (0x10001) [nginx@machine certificate] $lltotal 4murrwmurr-1 nginx nginx 1679 Jul 11 16:35 server.key [nginx@machine certificate] $ [nginx@machine certificate] $openssl req-new-key server.key-out server.csrYou are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name ora DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value If you enter'.', the field will be left blank.-Country Name (2 letter code) [XX]: cnState or Province Name (full name) []: gdLocality Name (eg, city) [Default City]: gzOrganization Name (eg, company) [Default Company Ltd]: aiOrganizational Unit Name (eg, section) []: aiCommon Name (eg) Your name or your server's hostname) []: Email Address []: Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []: An optional company name []: [nginx@machine certificate] $[nginx@machine certificate] $openssl x509-req-days 365-in server.csr-signkey server.key-out server.crtSignature oksubject=/C=cn/ST=gd/L=gz/O=ai/OU=aiGetting Private key [nginx@machine certificate] $lltotal 12Muthr-1 nginx nginx 1099 Jul 11 16:36 Server.crt-rw-r- 1 nginx nginx 952 Jul 11 16:35 server.csr-rw-r- 1 nginx nginx 1679 Jul 11 16:35 server.key [nginx@machine certificate] $nginx configuration

[nginx@machine ~] $cd / etc/nginx/

[nginx@machine nginx] $more nginx.conf

User nginx

Worker_processes 1

Error_log / var/log/nginx/error.log warn

Pid / var/run/nginx.pid

Events {

Worker_connections 1024

}

Http {

Include / etc/nginx/mime.types

Default_type application/octet-stream

Log_format main'$remote_addr-$remote_user [$time_local] "$request"'$status $body_bytes_sent "$http_referer"'"$http_user_agent"$http_x_forwarded_for"; access_log / var/log/nginx/access.log main;sendfile on;#tcp_nopush on;keepalive_timeout 65 Upstream zuul_nginx {server 10.13.22.104server_name 8080; server 10.13.22.105VIE8080; server 10.13.22.106server 8080; server 10.13.22.107server 8080;} server {listen 18010 ssl; # listen 443 ssl; # server_name 10.13.22.124; ssl on; ssl_certificate / app/nginx/certificate/server.crt; ssl_certificate_key / app/nginx/certificate/server.key Ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers Higg http://zuul_nginx;; MD5; ssl_ciphers ouyidaorder {proxy_pass http://zuul_nginx;}} server {listen 8080 ssl; ssl on; ssl_certificate / app/nginx/certificate/server.crt Ssl_certificate_key / app/nginx/certificate/server.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ssl_prefer_server_ciphers on; location / ouyidaorder {proxy_pass http://zuul_nginx;}} include / etc/nginx/conf.d/*.conf

}

Restart nginx with root.

test

(1) browser access: https://10.13.22.124:8080/ouyidaorder/api/Subscribe

(2) curl https://10.13.22.124:18010/ouyidaorder/api/Subscribe

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report