Step 1: Use the OpenSSL visa

OpenSSL installation under Windows

  1. Go to the OpenSSL website to download the installation package
  2. Click on the install
  3. Configure the OpenSSL environment variables
  4. Test that OpenSSL is installed successfully by entering it in CMDopenssl versionDisplaying the OpenSSL version is successful

OpenSSL installation under CentOS

1. Check whether it is installed or not. In the terminal, type OpenSSL version to show that OpenSSL version is installed, no need to install again

2. If no installation is executed

yum install openssl
yum install openssl-devel

To generate the signature

  1. Generate key file

    openssl genrsa -idea -out jesonc.key 1024
  2. Enter the password and confirm the password
  3. Generate the CSR file

    openssl req -new -key jesonc.key -out jesonc.csr
  4. Generate the CA file with a validity set for 10 years

    openssl x509 -req -days 3650 -in jesonc.csr -signkey jesonc.key -out jesonc.crt
  5. Convert the private key to a password-less private key using OpenSSL

    openssl rsa -in jesonc.key -out jesonc_nopsd.key

Step 2: Configure nginx

Modify the nginx.conf configuration to the following HTTPS request configuration. After the modification, restart nginx

server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; ssl_certificate "D:/key/jesonc.crt"; ssl_certificate_key "D:/key/jesonc_nopsd.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:! SSLv2:! SSLv3; ssl_prefer_server_ciphers on; location / { alias D:/html/; index index.html; }}

reference

Configure an HTTPS server with nginx under Windows. Configure an HTTPS server with nginx