1)安裝OpenSSL
//yum install mod_ssl openssl
yum -y install openssl openssl-devel
mkdir /etc/pki/nginx
cd /etc/pki/nginx
2)生成私鑰和自簽證書
openssl req -newkey rsa:2048 -nodes -keyout rsa_private.key -x509 -days 365 -out cert.crt -subj "/C=CN/ST=GD/L=SZ/O=vihoo/OU=dev/CN=127.0.0.1/emailAddress=yy@qq.com"
#監聽443端口
server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; # server_name _; root /var/www/html; ssl_certificate "/etc/pki/cert.crt"; ssl_certificate_key "/etc/pki/rsa_private.key"; ssl_session_timeout 10m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # location / { } location ~ \.php$ { root /var/www/html; index index.html index.php; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } error_page 404 /404.html; location = /40x.html { } # error_page 500 502 503 504 /50x.html; location = /50x.html { } }
6、重啟nginx生效
systemctl restart nginx