nginx: [emerg] https protocol requires SSL support in /usr/local/nginx/conf/nginx.conf:50

最近在nginx中配置一個443端口

一、安裝nginx

首先得先安裝個nginx

1、安裝依賴包

	# 一鍵安裝上面四個依賴
	[root@dex ~]# yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel

2、下載並解壓nginx安裝包

	# 創建一個文件夾
	[root@dex ~]# cd /usr/local
	
	[root@dex local]# mkdir nginx
	
	[root@dex local]# cd nginx
	
	# 下載tar包
	[root@dex nginx]# wget http://nginx.org/download/nginx-1.13.7.tar.gz
	
	# 解壓 nginx 包
	[root@dex nginx]# tar -xvf nginx-1.13.7.tar.gz

手動下載nginx http://nginx.org/en/download.html

3、執行安裝nginx

	#進入nginx目錄
	[root@dex nginx]# cd nginx-1.13.7
	
	#執行編譯命令
	[root@dex nginx-1.13.7]# ./configure
	
	#執行make命令
	[root@dex nginx-1.13.7]# make
	
	#執行make install命令
	[root@dex nginx-1.13.7]# make install

4、配置nginx

	# 打開配置文件
	[root@dex ~]# vi /usr/local/nginx/conf/nginx.conf

5、啟動nginx

	[root@dex ~]#/usr/local/nginx/sbin/nginx

6、查看nginx進程

	[root@dex nginx-1.13.7]# ps -ef|grep nginx
	root     22988     1  0 Dec20 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
	nobody   22989 22988  0 Dec20 ?        00:00:00 nginx: worker process
	root     23638 23598  0 09:06 pts/0    00:00:00 grep --color=auto nginx
	[root@dex nginx-1.13.7]# 

二、下載ssl證書

然后解壓下載的 證書zip

會得到三個文件，我們打開nginx 的文件夾

三、配置ssl

然后將這個兩個文件上傳到linux（我是上傳到 /opt/sslCertificate/）目錄下

	[root@dex ~]# ll /opt/sslCertificate/
	total 8
	-rw-r--r-- 1 root root 3733 Dec 20 21:25 1_www.benpaodehenji.com_bundle.crt
	-rw-r--r-- 1 root root 1704 Dec 20 21:25 2_www.benpaodehenji.com.key

ssl配置如下

    server {
        listen       443 ssl;
        server_name  www.benpaodehenji.com;

        ssl_certificate     /opt/sslCertificate/1_www.benpaodehenji.com_bundle.crt;
        ssl_certificate_key  /opt/sslCertificate/2_www.benpaodehenji.com.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        #ssl_ciphers HIGH:!aNULL:!MD5;
        #ssl_prefer_server_ciphers on;

        location / {
            root  /opt/html;
            index  index.html index.htm;
      }
        location /vueapp/ {
	    proxy_pass http://127.0.0.1:8191/;
       }
 
   }

然后監聽80強制反向代理到https

    server {
        listen       80;
        server_name www.benpaodehenji.com ;
        #charset koi8-r;
        #access_log logs/host.access.log main;
        
	    rewrite ^(.*)$ https://${server_name}$1 permanent;
		location  / {
			proxy_pass https://benpaodehenji.com;
		}
}

配置完成后運行/usr/local/nginx/sbin/nginx -t 時提示 如下錯誤

	[root@dex sbin]# ./nginx -t
	nginx: [emerg] https protocol requires SSL support in /usr/local/nginx/conf/nginx.conf:50
	nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed

這個是nginx 不支持 https，接下來得進入如下配置，讓其支持ssl

四、配置nginx 支持ssl

1、首先cd /usr/local/nginx/nginx-1.13.7 然后執行如下命令

	[root@dex nginx-1.13.7]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module
	checking for OS
	 + Linux 3.10.0-957.21.3.el7.x86_64 x86_64
	checking for C compiler ... found
	 + using GNU C compiler
	 + gcc version: 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC) 
	.....省略
	  nginx http uwsgi temporary files: "uwsgi_temp"
	  nginx http scgi temporary files: "scgi_temp"

這里並可沒有完，需要先停掉nginx 然后在執行make 進行重新編譯
注意不要使用make install那樣就是重新安裝一次 nginx 了

	[root@dex nginx-1.13.7]# make
	make -f objs/Makefile
	make[1]: Entering directory `/usr/local/nginx/nginx-1.13.7' cc -c -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs \ -o objs/src/core/nginx.o \ ... 省略 -ldl -lpthread -lcrypt -lpcre -lssl -lcrypto -ldl -lz \ -Wl,-E sed -e "s|%%PREFIX%%|/usr/local/nginx|" \ -e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \ -e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \ -e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \ < man/nginx.8 > objs/nginx.8 make[1]: Leaving directory `/usr/local/nginx/nginx-1.13.7'

2、執行完成后，我們備份一下原來的nginx （這個以防萬一，如果你的nginx中沒有其他部署那倒是無所謂）

	[root@dex nginx-1.13.7]# cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx_bak

3、 再把剛才編譯的nginx 拷貝覆蓋原來的nginx

	[root@dex nginx-1.13.7]# cp ./objs/nginx /usr/local/nginx/sbin/

4、nginx 安裝情況

	[root@dex nginx-1.13.7]# /usr/local/nginx/sbin/nginx -v
	nginx version: nginx/1.13.7

5、 在執行一下nginx -t 檢測一下

	[root@dex nginx-1.13.7]# /usr/local/nginx/sbin/nginx -t
	nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
	nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

6、啟動nginx

	[root@dex nginx-1.13.7]# /usr/local/nginx/sbin/nginx
	
	# 看看哈進程
	[root@dex nginx-1.13.7]# ps -ef|grep nginx
	root     22988     1  0 22:45 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
	nobody   22989 22988  0 22:45 ?        00:00:00 nginx: worker process
	root     23014 20315  0 22:51 pts/0    00:00:00 grep --color=auto nginx
	[root@dex nginx-1.13.7]# 

記錄下其他nginx相關命令

	
	./nginx 啟動nginx
	./nginx -s quit:此方式停止步驟是待nginx進程處理任務完畢進行停止。
	./nginx -s stop:此方式相當於先查出nginx進程id再使用kill命令強制殺掉進程。
	
	./nginx -s reload 重新加載配置

linux 進程查詢、 關閉

	[root@dex sbin]# ps -ef|grep nginx
	nobody    6715 14665  0 Dec12 ?        00:00:00 nginx: worker process
	root     14665     1  0 Nov03 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
	root     22551 20315  0 22:06 pts/0    00:00:00 grep --color=auto nginx
	[root@dex sbin]# kill -9 14665
	[root@dex sbin]# kill -9 22551
	-bash: kill: (22551) - No such process