腾讯云搭建https域名

最新推荐文章于 2024-09-21 18:41:24 发布

一曲微茫度此生

最新推荐文章于 2024-09-21 18:41:24 发布

阅读量1.4k

点赞数

分类专栏：浏览器文章标签：配置https 配置https域名 ssl证书腾讯云配置https

本文链接：https://blog.youkuaiyun.com/weixin_41782053/article/details/81510447

版权

浏览器专栏收录该内容

6 篇文章

订阅专栏

腾讯云搭建https域名

2018年07月20日 17:06:20

阅读数：81

1、先去腾讯官网申请一个免费的证书，下载下来传到服务器端

2、找到nginx配置文件，加入一下配置下【http内】

server {
        listen 443; # 默认端口443
        server_name test.duyong.xyz; # 自己的域名
        root   /var/www/html/https;  # 访问的路径
        rewrite ^(.*)$  https://$host$1 permanent;
        #ssl on;  # 开启ssl证书访问
        ssl_certificate ../crt/1_duyong.xyz_bundle.crt; #
        ssl_certificate_key ../crt/2_duyong.xyz.key;
        ssl_session_timeout 10m; # session有效期10分钟
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 协议版本  按照这个协议配置
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件
配置
        ssl_prefer_server_ciphers on; 
        location / { 
            index  index.html index.htm; # 默认访问文件
        }
    }

3、重启nginx

如果提示这个：nginx: [emerg] unknown directive "ssl" in /usr/local/nginx/conf/nginx.conf:

执行：./configure --with-http_ssl_module
checking for OS
 + Linux 3.10.0-693.11.6.el7.x86_64 x86_64
checking for C compiler ... found
 + using GNU C compiler
 + gcc version: 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC)
checking for gcc -pipe switch ... found
checking for -Wl,-E switch ... found
checking for gcc builtin atomic operations ... found
checking for C99 variadic macros ... found
checking for gcc variadic macros ... found
checking for gcc builtin 64 bit byteswap ... found
checking for unistd.h ... found
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for sys/param.h ... found
checking for sys/mount.h ... found
checking for sys/statvfs.h ... found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found
checking for EPOLLRDHUP ... found
checking for O_PATH ... found
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... found
checking for prctl(PR_SET_DUMPABLE) ... found
checking for sched_setaffinity() ... found
checking for crypt_r() ... found
checking for sys/vfs.h ... found
checking for nobody group ... found
checking for poll() ... found
checking for /dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for F_READAHEAD ... not found
checking for posix_fadvise() ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for statfs() ... found
checking for statvfs() ... found
checking for dlopen() ... not found
checking for dlopen() in libdl ... found
checking for sched_yield() ... found
checking for SO_SETFIB ... not found
checking for SO_REUSEPORT ... found
checking for SO_ACCEPTFILTER ... not found
checking for IP_RECVDSTADDR ... not found
checking for IP_PKTINFO ... found
checking for IPV6_RECVPKTINFO ... found
checking for TCP_DEFER_ACCEPT ... found
checking for TCP_KEEPIDLE ... found
checking for TCP_FASTOPEN ... found
checking for TCP_INFO ... found
checking for accept4() ... found
checking for eventfd() ... found
checking for int size ... 4 bytes
checking for long size ... 8 bytes
checking for long long size ... 8 bytes
checking for void * size ... 8 bytes
checking for uint32_t ... found
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system byte ordering ... little endian
checking for size_t size ... 8 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 8 bytes
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for pwritev() ... found
checking for sys_nerr ... found
checking for localtime_r() ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for POSIX semaphores ... not found
checking for POSIX semaphores in libpthread ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
checking for PCRE library ... found
checking for PCRE JIT support ... found
checking for OpenSSL library ... found
checking for zlib library ... found
creating objs/Makefile
 
Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + md5: using OpenSSL library
  + sha1: using OpenSSL library
  + using system zlib library
 
  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx modules path: "/usr/local/nginx/modules"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"

4、然后执行make （不要执行make instal）

-Wl,-E
sed -e "s|%%PREFIX%%|/usr/local/nginx|" \
        -e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \
        -e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \
        -e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \
        < man/nginx.8 > objs/nginx.8
make[1]: Leaving directory `/home/nginx-xb/nginx-1.10.1'

5、执行

cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak

cp: overwrite ‘/usr/local/nginx/sbin/nginx.bak’?
[root@vm10-0-0-19 nginx-1.10.1]#
[root@vm10-0-0-19 nginx-1.10.1]# cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak

cp: overwrite ‘/usr/local/nginx/sbin/nginx.bak’? Y

这里说下：上面说，是否覆盖文件，我就直接回车了。所以导致执行很多遍都不行。所以：一定要输入Y确认覆盖。才可以的

6：将新的 nginx 覆盖旧安装目录

cp objs/nginx /usr/local/nginx/sbin/nginx

最后：测试一下吧

/usr/local/nginx/sbin/nginx -t

然后重新启动服务器

7、浏览器输入https+域名就可以了