碼上歡樂
相關內容    簡體    繁體

創建https證書

本文轉載自   查看原文   2017-11-10 22:24   1534    linux基礎/ http

第一個里程碑:創建https證書

創建文件認證目錄

mkdir /application/nginx/key/ -p

在認證目錄下創建認證文件

  1. openssl req -new -x509 -nodes -out server.crt -keyout server.key
  2.  
  3. Generating a 2048 bit RSA private key
  4. .......+++
  5. ......................................+++
  6. writing new private key to 'server.key'
  7. -----
  8. You are about to be asked to enter information that will be incorporated
  9. into your certificate request.
  10. What you are about to enter is what is called a Distinguished Name or a DN.
  11. There are quite a few fields but you can leave some blank
  12. For some fields there will be a default value,
  13. If you enter '.', the field will be left blank.
  14. -----
  15. Country Name (2 letter code) [XX]:CH
  16. State or Province Name (full name) []:bj
  17. Locality Name (eg, city) [Default City]:bj
  18. Organization Name (eg, company) [Default Company Ltd]: 回車
  19. Organizational Unit Name (eg, section) []: 回車
  20. Common Name (eg, your name or your server's hostname) []: 回車
  21. Email Address []: 回車

編寫 nginx配置文件 (在負載均衡上配置)

  1. worker_processes 1;
  2. events {
  3.     worker_connections 1024;
  4. }
  5. http {
  6.     include mime.types;
  7.     default_type application/octet-stream;
  8.     sendfile on;
  9.     keepalive_timeout 65;
  10.     upstream www_pools {
  11.       server 10.0.0.8;
  12.    }
  13.     upstream bbs_pools {
  14.       server 10.0.0.7;
  15.    }
  16.     upstream blog_pools {
  17.       server 10.0.0.9;
  18.     }
  19.     server {
  20.         listen 443 ssl;
  21.         listen 80;
  22.         server_name www.etiantian.org;
  23.         ssl_certificate /application/nginx/key/server.crt;
  24.         ssl_certificate_key /application/nginx/key/server.key;
  25.         ssl_session_cache shared:SSL:1m;
  26.         ssl_session_timeout 5m;
  27.         ssl_ciphers HIGH:!aNULL:!MD5;
  28.         ssl_prefer_server_ciphers on;
  29.         location / {
  30.             proxy_pass http://www_pools;
  31.             proxy_set_header Host $host;
  32.             proxy_set_header X-Forwarded-For $remote_addr;
  33.         }
  34.     }
  35.     server {
  36.         listen 80;
  37.             server_name bbs.etiantian.org;
  38.         location / {
  39.             proxy_pass http://bbs_pools;
  40.             proxy_set_header Host $host;
  41.             proxy_set_header X-Forwarded-For $remote_addr;
  42.         }
  43.     }
  44.         server {
  45.         listen 80;
  46.             server_name c.etiantian.org;
  47.         location / {
  48.             proxy_pass http://bbs_pools;
  49.             proxy_set_header Host $host;
  50.             proxy_set_header X-Forwarded-For $remote_addr;
  51.         }
  52.     }
  53.  
  54.     server {
  55.         listen 80;
  56.             server_name blog.etiantian.org;
  57.         location / {
  58.             proxy_pass http://blog_pools;
  59.             proxy_set_header Host $host;
  60.             proxy_set_header X-Forwarded-For $remote_addr;
  61.         }
  62.     }
  63. }

測試


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 創建並使用https證書 使用OpenSSL創建HTTPS所使用的SSL證書 使用Let's Encrypt手動創建https證書 創建自定義ssl證書用於https Https:創建部署SSL證書進行雙向認證 Java中創建訪問HTTPS的自簽名證書的方法 C#創建https請求並使用pfx證書 Nginx之Https 證書加密 https證書申請驗證 生成 https 證書並使用
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM