Small knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”.

If you need to use HTTPS for access, you need to configure the SSL certificate through Nginx. Therefore, the first step is to obtain the SSL certificate

Obtaining an SSL Certificate

Here I used Tencent cloud to obtain SSL certificate, you can also obtain it from other ways.

You can apply for a free certificate from Tencent Cloud SSL certificate, and download it after application:

After downloading, we can see another Nginx folder with a CRT file and a key file that we need to put on your server. In this case, I put these two files in /usr/local/nginx/conf

Modify the nginx.conf file

We need to configure the SSL certificate configuration and the route you need to forward in the nginx.conf folder

cd /usr/local/nginx/conf
vi nginx.conf
Copy the code

We need to add a server node to the nginx.conf HTTP

server { listen 443 ssl; server_tokens off; keepalive_timeout 5; Server_name www.lirui.site; Ssl_certificate 1_lirui.site_bundle. CRT ssl_certificate 1_lirui.site_bundle. CRT ssl_certificate 1_lirui.site_bundle. CRT Enter the name of your private key file, for example, 2_lirui.site.key. ssl_session_timeout 5m; Ssl_protocols TLSv1 TLSv1.1 TLSv1.2 ssl_protocols TLSv1 TLSv1.1 TLSv1.2 Ssl_ciphers ecdhe-RSA-AES128-GMC-sha256 :HIGH:! Ssl_ciphers ecdhe-RSA-AES128-GMC-sha256 :HIGH:! aNULL:! MD5:! RC4:! DHE; ssl_prefer_server_ciphers on; location / { root /data/dist; index index.html index.htm; Proxy_pass http://1.15.154.207:80/; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; }}Copy the code

Once configured, we can go reboot

cd /usr/local/nginx/sbin/nginx
./nginx
Copy the code

The result shows that the restart cannot be performed, and the following error occurs

Nginx :[emerg]unknown directive SSL, is this errorCopy the code

Why is that? We need to configure SSL certificate to reference the SSL module in nginx. At that time, the nginx we installed did not compile SSL module, so we need to compile SSL module by reference, but we do not need to restart the installation of nginx. We just need to go to the nginx directory that you downloaded and unzipped at the time to do it:

/configure --with-http_ssl_module Run the make command to make the SSL moduleCopy the code

After executing the above command, we will see an objs folder in the installation directory with an extra nginx file

/usr/local/nginx/sbin /usr/local/nginx/sbin /usr/local/nginx/sbin

After overwriting, we can verify that the SSL module was successfully introduced

cd /usr/local/nginx/sbin
./nginx -v
Copy the code

If the SSL module is successfully introduced, restart nginx and the entire SSL certificate configuration is complete.

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Nginx configures SSL certificates for HTTPS access

Obtaining an SSL Certificate

Modify the nginx.conf file

Nginx configures SSL certificates for HTTPS access

Obtaining an SSL Certificate

Modify the nginx.conf file

Related Posts

Linux extracts string-specific results

Design Patterns (0)- Getting started

Theory of Conquering Spring AOP once and for all