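A complete record of configuring SSL for Nginx. The original Nginx build did not include the SSL module, so these are the problems encountered while configuring SSL.
1. Change the conf configuration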
server {
    listen 443; # listening port
    server_name str.boxxxxeji.cn; # site domain name
    ssl on;
    ssl_certificate /usr/local/nginx/ssl/5983941__boxxxxeji.cn.pem;
    ssl_certificate_key /usr/local/nginx/ssl/5983941__boxxxxeji.cn.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    try_files $uri /index.html;
    charset utf-8;
    gzip on;
    gzip_buffers 32 4K;
    gzip_comp_level 6;
    gzip_min_length 100;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_disable "MSIE [1-6]\.";
    gzip_vary on;
    limit_req zone=allips burst=5 nodelay;
    location / {
        proxy_pass http://127.0.0.1:8086/;
    }
}
2. Add the files SSL requires
Create an ssl folder under /usr/local/nginx and put the domain's certificate files in it
3. Restart Nginx
sudo /usr/local/nginx/sbin/nginx -s reload
Error: nginx: [emerg] unknown directive "ssl" in /usr/local/nginx/conf/nginx.conf:4
The cause is that Nginx was built without the SSL module
4. Go to the directory where the Nginx source was unpacked and run the following
./configure --with-http_ssl_module
PS: If you have already deleted it, download the matching version of Nginx again
Nginx download page: https://nginx.org/en/download.html
Using 1.18.0 as an example: wget https://nginx.org/download/nginx-1.18.0.tar.gz
Extract: sudo tar -zxvf nginx-1.18.0.tar.gz
Enter the nginx directory: cd nginx-1.18.0/
Then run: sudo ./configure --with-http_ssl_module
5. Run make
sudo make
6. Back up the original Nginx
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
7. Replace the original Nginx with the new one
sudo cp -rfp objs/nginx /usr/local/nginx/sbin/nginx
8. Check the Nginx configuration
sudo /usr/local/nginx/sbin/nginx -t
9. Restart Nginx
sudo /usr/local/nginx/sbin/nginx -s reload
If you get: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/nginx/conf/server/str.conf:5
change the conf configuration as follows:
server {
    listen 443 ssl; # listening port
    server_name str.boxxxxeji.cn; # site domain name
    ssl_certificate /usr/local/nginx/ssl/5983941__boxxxxeji.cn.pem;
    ssl_certificate_key /usr/local/nginx/ssl/5983941__boxxxxeji.cn.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    try_files $uri /index.html;
    charset utf-8;
    gzip on;
    gzip_buffers 32 4K;
    gzip_comp_level 6;
    gzip_min_length 100;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_disable "MSIE [1-6]\.";
    gzip_vary on;
    limit_req zone=allips burst=5 nodelay;
    location / {
        proxy_pass http://127.0.0.1:8086/;
    }
}
Then restart Nginx.
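
A pre-flight check for the two failures described above, as an added example that is not part of the original post: it tests `nginx -V` output for the SSL module and scans a config for the deprecated `ssl on;` directive and for TLSv1/TLSv1.1, which RFC 8996 deprecated. The function names, finding labels and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and finding labels
# are hypothetical; the sample inputs below are constructed.

# Reads `nginx -V 2>&1` output on stdin; succeeds if the SSL module was compiled in.
has_ssl_module() {
    grep -q -- '--with-http_ssl_module'
}

# Reads an nginx config on stdin and prints one finding per line.
audit_conf() {
    awk '
        { sub(/[#].*/, "") }   # strip comments (fine for the directives checked here)
        /^[ \t]*ssl[ \t]+on[ \t]*;/ { print "deprecated-ssl-on" }
        /^[ \t]*listen[ \t]/ && /443/ && !/[ \t]ssl([ \t]|;)/ {
            print "listen-443-without-ssl-flag"
        }
        /^[ \t]*ssl_protocols[ \t]/ {
            for (i = 2; i <= NF; i++) {
                p = $i; sub(/;$/, "", p)
                if (p ~ /^(SSLv2|SSLv3|TLSv1|TLSv1\.1)$/) print "legacy-protocol:" p
            }
        }
    '
}

# Constructed `nginx -V` output for a binary built without the SSL module.
SAMPLE_V='nginx version: nginx/1.18.0
configure arguments: --prefix=/usr/local/nginx'

# Constructed fragment using directives from the first listing on this page.
SAMPLE_CONF='server {
    listen 443; # listening port
    ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}'

if ! printf '%s\n' "$SAMPLE_V" | has_ssl_module; then
    echo "binary lacks --with-http_ssl_module: rebuild before enabling SSL"
fi
printf '%s\n' "$SAMPLE_CONF" | audit_conf
```

Against a real installation, feed it `/usr/local/nginx/sbin/nginx -V 2>&1` and the contents of the server conf file before running `nginx -s reload`.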