nginx配置https

• 使用openssl生成证书

openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /usr/local/nginx/conf/cert.key -out /usr/local/nginx/conf/cert.crt

• 编译

# need openssl, pcre, zlib

./configure \
    --with-http_stub_status_module \
    --with-http_ssl_module
 
make
 
sudo make install

• 查看版本

/usr/local/nginx/sbin/nginx -V

• 配置https

nginx.conf

    server {
 
        listen	80;
        server_name localhost;
        rewrite ^(.*) https://$server_name$1 permanent; #http to https
    }

server {
    listen 443 ssl;
    server_name localhost;
    ssl_certificate       /usr/local/nginx/conf/cert.crt;
    ssl_certificate_key   /usr/local/nginx/conf/cert.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    server_tokens off;

    fastcgi_param   HTTPS               on;
    fastcgi_param   HTTP_SCHEME         https;
    access_log /usr/local/nginx/logs/httpsaccess.log;
}

• 检查配置

sudo /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

• 启动

/usr/local/nginx/sbin/nginx -s reload

• 访问