centos安装nginx并配置SSL证书

安装nginx的命令

sudo yum install epel-release

sudo yum install nginx

让nginx随系统启动而启动

sudo systemctl enable nginx

常用命令

启动:nginx

停止:nginx -s stop

重载配置:nginx -s reload

配置路径:/etc/nginx/

日志路径:/var/log/nginx

打开配置文件

在HTTP节点下配置两个server节点,其他不变

server

{

listen 443;

server_name your-domain.com www.your-domain.com;

ssl on;

ssl_certificate /root/ssl/your-domain.crt;

ssl_certificate_key /root/ssl/your-domain.key;

ssl_session_timeout 5m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

location / {

proxy_buffer_size 128k;

proxy_buffers 32 32k;

proxy_busy_buffers_size 128k;

proxy_pass :912;

}

}

server

{

listen 80;

server_name your-domain.com www.your-domain.com;

rewrite ^(.*)$permanent;

}

your-domain.com替换成你自己的域名 your-domain.crt和your-domain.key是你的证书文件,换成你自己的证书文件路径 域名解析,增加两个A记录,主机名一个是www的,一个是@,记录值是你服务器的IP地址 配置完成之后要重新加载nginx:nginx -s reload