收录了这篇文章
一、通过openssl命令自建证书
1、创建私钥:
openssl genrsa -out server.key 1024
2、证书请求:
openssl req -new -out server.csr -key server.key
3、自签署证书:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
4、将证书变成浏览器支持的.p12格式
openssl pkcs12 -export -clcerts -in server.crt -inkey server.key -out server.p12
二、Nginx 配置
server { listen 443 ssl; server_name test.com www.test.com; ssl_certificate /root/server.crt; ssl_certificate_key /root/server.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass http://www.test.com; } }
声明:本站所有文章和图片,如无特殊说明,均为原创发布。商业转载请联系作者获得授权,非商业转载请注明出处。