Shulou(Shulou.com)06/01 Report--

Openssl generates certificate openssl genrsa-out server.key 2048openssl req-new-key server.key-out server.csropenssl x509-req-days 365-in server.csr-signkey server.key-out server.crt [nginx@machine certificate] $openssl genrsa-out server.key 2048Generating RSA private key 2048 bit long modulus..+++....+++e is 65537 (0x10001) [nginx@machine certificate] $lltotal 4murrwmurr-1 nginx nginx 1679 Jul 11 16:35 server.key [nginx@machine certificate] $ [nginx@machine certificate] $openssl req-new-key server.key-out server.csrYou are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name ora DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value If you enter'.', the field will be left blank.-Country Name (2 letter code) [XX]: cnState or Province Name (full name) []: gdLocality Name (eg, city) [Default City]: gzOrganization Name (eg, company) [Default Company Ltd]: aiOrganizational Unit Name (eg, section) []: aiCommon Name (eg) Your name or your server's hostname) []: Email Address []: Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []: An optional company name []: [nginx@machine certificate] $[nginx@machine certificate] $openssl x509-req-days 365-in server.csr-signkey server.key-out server.crtSignature oksubject=/C=cn/ST=gd/L=gz/O=ai/OU=aiGetting Private key [nginx@machine certificate] $lltotal 12Muthr-1 nginx nginx 1099 Jul 11 16:36 Server.crt-rw-r- 1 nginx nginx 952 Jul 11 16:35 server.csr-rw-r- 1 nginx nginx 1679 Jul 11 16:35 server.key [nginx@machine certificate] $nginx configuration

[nginx@machine ~] $cd / etc/nginx/

[nginx@machine nginx] $more nginx.conf

User nginx

Worker_processes 1

Error_log / var/log/nginx/error.log warn

Pid / var/run/nginx.pid

Events {

Worker_connections 1024

}

Http {

Include / etc/nginx/mime.types

Default_type application/octet-stream

Log_format main'$remote_addr-$remote_user [$time_local] "$request"'$status $body_bytes_sent "$http_referer"'"$http_user_agent"$http_x_forwarded_for"; access_log / var/log/nginx/access.log main;sendfile on;#tcp_nopush on;keepalive_timeout 65 Upstream zuul_nginx {server 10.13.22.104server_name 8080; server 10.13.22.105VIE8080; server 10.13.22.106server 8080; server 10.13.22.107server 8080;} server {listen 18010 ssl; # listen 443 ssl; # server_name 10.13.22.124; ssl on; ssl_certificate / app/nginx/certificate/server.crt; ssl_certificate_key / app/nginx/certificate/server.key Ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers Higg http://zuul_nginx;; MD5; ssl_ciphers ouyidaorder {proxy_pass http://zuul_nginx;}} server {listen 8080 ssl; ssl on; ssl_certificate / app/nginx/certificate/server.crt Ssl_certificate_key / app/nginx/certificate/server.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ssl_prefer_server_ciphers on; location / ouyidaorder {proxy_pass http://zuul_nginx;}} include / etc/nginx/conf.d/*.conf

}

Restart nginx with root.

test

(1) browser access: https://10.13.22.124:8080/ouyidaorder/api/Subscribe

(2) curl https://10.13.22.124:18010/ouyidaorder/api/Subscribe

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.