当前位置:网站首页>SSL certificate deployment
SSL certificate deployment
2022-07-07 03:32:00 【Not bald】
When we finish applying SSL After certificate , Also need to nginx Make the relevant configuration , Can be converted to a secure connection .
Download the certificate file to the server
- First , Go to the server console , Download to local certificate .
![image.png](https://img-blog.csdnimg.cn/img_convert/920be43a932d4224c7205550eec92239.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=653&id=uf7b16ae7&margin=[object Object]&name=image.png&originHeight=653&originWidth=1755&originalType=binary&ratio=1&rotation=0&showTitle=false&size=77083&status=done&style=shadow&taskId=ub9c83b1f-921d-459b-93e1-ed300e0188d&title=&width=1755)
![image.png](https://img-blog.csdnimg.cn/img_convert/cadf3c7f55866c1f2511ce0ca546faae.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=436&id=u68f60a67&margin=[object Object]&name=image.png&originHeight=808&originWidth=689&originalType=binary&ratio=1&rotation=0&showTitle=false&size=49967&status=done&style=shadow&taskId=u7d711b29-ea4a-4b4f-9597-1a61cd72c9f&title=&width=372)
After the above screenshot operation , We can download the certificate locally .
After decompression, as shown in the figure :
![image.png](https://img-blog.csdnimg.cn/img_convert/cddafa2a49e6928cfd21f872533eab18.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=193&id=uc2957425&margin=[object Object]&name=image.png&originHeight=193&originWidth=631&originalType=binary&ratio=1&rotation=0&showTitle=false&size=14259&status=done&style=shadow&taskId=ue4942528-259b-4043-b01f-41c32823eec&title=&width=631)
among :.key
The end file is the key file ..pem
The end file is the certificate file .
We need to upload these two files to the server .
- Upload the local certificate to the specified directory of the server
I upload it here to /usr/local/nginx/cert/
Under the table of contents .
After uploading, see the figure :
![image.png](https://img-blog.csdnimg.cn/img_convert/c1dcda6f1918b76cd4cdfcf8725a8dc9.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=38&id=u13b89c33&margin=[object Object]&name=image.png&originHeight=38&originWidth=341&originalType=binary&ratio=1&rotation=0&showTitle=false&size=3787&status=done&style=shadow&taskId=u7574af12-50b2-48ba-a9e7-9bfa40409a9&title=&width=341)
It contains our The key file
and Certificate file
Okay . So we upload the certificate to the server .
To configure nginx.conf
We also need to configure nginx.conf File to validate the certificate file .
add to server
modular .
Add modules to the configuration file server modular .
commonly , The default configuration file has these contents , It's just commented out . Let's just let go .
however , Also need to change something . The following tips have been given .
server {
listen 443 ssl;
server_name localhost;
# The following path is the absolute path of the file you uploaded in the previous step .
# If you don't write the absolute path, you will report an error
ssl_certificate /usr/local/nginx/cert/xxxxxxxx_bundle.pem;
ssl_certificate_key /usr/local/nginx/cert/xxxxxxxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
nginx add to ssl modular
- Check which modules we currently have installed
/usr/local/ngxin/sbin/nginx -V
Display information :
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
configure arguments:
configure arguments
The module installed for us . You can see that it is not installed ssl modular .
If you contain ngx_http_ssl_module
, Then you can skip the step of adding modules .
- Get into nginx Installation directory
Be careful : No /usr/local/nginx/
My installation directory is :/usr/local/nginx-1.20.2
It contains configure
file .
![image.png](https://img-blog.csdnimg.cn/img_convert/3a67918ffa43dd65b6b4e5e2f9216ce2.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=42&id=u3a556d7f&margin=[object Object]&name=image.png&originHeight=42&originWidth=822&originalType=binary&ratio=1&rotation=0&showTitle=false&size=9186&status=done&style=shadow&taskId=ucafb2ed0-6e93-4760-9814-966ec8dd558&title=&width=822)
Under the installation directory, enter :
./configure --prefix=/usr/local/nginx
./configure --with-http_ssl_module
make
make install
- Backup nginx. And then compile the nginx Replace the original nginx.
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
cp ./objs/nginx /usr/local/nginx/sbin/
restart nginx And test the
restart :
/usr/local/nginx/sbin/nginx -s reload
test :
Viewer input https:// domain name
![image.png](https://img-blog.csdnimg.cn/img_convert/1c13d92f4268580e8b54d1b5e1486784.png#clientId=ud0ca9c0e-c348-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=221&id=u63b81f78&margin=[object Object]&name=image.png&originHeight=221&originWidth=370&originalType=binary&ratio=1&rotation=0&showTitle=false&size=31819&status=done&style=shadow&taskId=u305a2b6c-8d6e-4477-aefa-38faefc4d96&title=&width=370)
The connection is secure , success .
边栏推荐
- U.S. Air Force Research Laboratory, "exploring the vulnerability and robustness of deep learning systems", the latest 85 page technical report in 2022
- 22. (ArcGIS API for JS) ArcGIS API for JS Circle Collection (sketchviewmodel)
- Jerry's ble exiting Bluetooth mode card machine [chapter]
- Jerry's broadcast has built-in flash prompt tone to control playback pause [chapter]
- CVPR 2022 best paper candidate | pip: six inertial sensors realize whole body dynamic capture and force estimation
- 树莓派设置静态ip
- 如何替换模型的骨干网络(backbone)
- Enumeration general interface & enumeration usage specification
- PIP download only, not install
- 海思3559万能平台搭建:RTSP实时播放的支持
猜你喜欢
数学归纳与递归
腾讯云原生数据库TDSQL-C入选信通院《云原生产品目录》
R data analysis: how to predict Cox model and reproduce high score articles
HMS Core 机器学习服务打造同传翻译新“声”态,AI让国际交流更顺畅
25.(arcgis api for js篇)arcgis api for js线修改线编辑(SketchViewModel)
VHDL implementation of single cycle CPU design
枚举通用接口&枚举使用规范
Principle of attention mechanism
Depth analysis of compilation constants, classloader classes, and system class loaders
Function reentry, function overloading and function rewriting are understood by yourself
随机推荐
迷失在MySQL的锁世界
编译常量、ClassLoader类、系统类加载器深度探析
22.(arcgis api for js篇)arcgis api for js圆采集(SketchViewModel)
Basic concepts of Huffman tree
An error in SQL tuning advisor ora-00600: internal error code, arguments: [kesqsmakebindvalue:obj]
1200.Minimum Absolute Difference
制作(转换)ico图标
CMB's written test - quantitative relationship
“去虚向实”大潮下,百度智能云向实而生
Open3D 网格滤波
[tools] basic concept of database and MySQL installation
unrecognized selector sent to instance 0x10b34e810
25.(arcgis api for js篇)arcgis api for js线修改线编辑(SketchViewModel)
R data analysis: how to predict Cox model and reproduce high score articles
Laravel php artisan 自动生成Model+Migrate+Controller 命令大全
Tencent cloud native database tdsql-c was selected into the cloud native product catalog of the Academy of communications and communications
Search of linear table
Matlab Error (Matrix dimensions must agree)
Leetcode-02 (linked list question)
23. (ArcGIS API for JS) ArcGIS API for JS ellipse collection (sketchviewmodel)