zoukankan      html  css  js  c++  java
  • nginx SLL配置 the "ssl" parameter requires ngx_http_ssl_module in nginx.c

    记录一下今天给一个站点配置SSL证书遇到的问题。

    修改配置

    在阿里云申请到SLL证书后(过程参见《阿里云申请免费SSL证书》)上传到 nginx的 cert文件夹之后
    需要修改站点对应的nginx 配置,添加如下内容(需要将.pem和.key文件名改成你的):

        listen 443 ssl;
        ssl on;
        ssl_certificate   cert/3969078_www.xxxx.cn.pem;
        ssl_certificate_key  cert/3969078_www.xxxx.cn.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        underscores_in_headers on;
    

    重载nginx配置

    centos7 如果配置了 server 的话可以使用以下命令重载
    systemctl reload nginx

    没有话使用下面的命令重载
    nginx -s reload

    我在重载的时候,发现报如下报错了:

    nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/nginx/conf/nginx.c
    

    这个错误的原因是因为安装nginx的时候没有添加 ssl 模块

    添加 nginx ssl模块

    我是自己下载源码进行编译安装的,解决方法如下:

    1. 安装依赖
    yum -y install openssl openssl-devel
    
    1. 在nginx源码目录执行以下命令,配置ssl模块
    ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
    make
    
    1. 替换 nginx
    cp ./objs/nginx /usr/local/nginx/sbin/
    
    1. 重启nginx
    systemctl restart nginx
    

    这里我遇到一个问题,启动失败了,使用systemctl status nginx查看提示log文件不存在

    $ systemctl status nginx
    ● nginx.service - nginx
       Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
       Active: failed (Result: exit-code) since Tue 2020-05-26 11:14:54 CST; 1min 0s ago
      Process: 16838 ExecStop=/usr/local/nginx/sbin/nginx -s quit (code=exited, status=1/FAILURE)
      Process: 16812 ExecReload=/usr/local/nginx/sbin/nginx -s reload (code=exited, status=1/FAILURE)
      Process: 16913 ExecStart=/usr/local/nginx/sbin/nginx (code=exited, status=1/FAILURE)
     Main PID: 32010 (code=exited, status=0/SUCCESS)
    
    May 26 11:14:54 1lin24 systemd[1]: Starting nginx...
    May 26 11:14:54 1lin24 systemd[1]: nginx.service: control process exited, code=exited status=1
    May 26 11:14:54 1lin24 nginx[16913]: nginx: [alert] could not open error log file: open() "/usr/local/nginx/logs/error.log" failed (2: No su...irectory)
    May 26 11:14:54 1lin24 nginx[16913]: 2020/05/26 11:14:54 [emerg] 16913#0: open() "/usr/local/nginx/logs/error.log" failed (2: No such file or directory)
    May 26 11:14:54 1lin24 systemd[1]: Failed to start nginx.
    May 26 11:14:54 1lin24 systemd[1]: Unit nginx.service entered failed state.
    May 26 11:14:54 1lin24 systemd[1]: nginx.service failed.
    Hint: Some lines were ellipsized, use -l to show in full.
    
    1. 在对应目录下创建丢失的目录
    mkdir /usr/local/nginx/logs
    
    1. 再次重启nginx即可
    systemctl restart nginx
    
  • 相关阅读:
    scripting.dictionary的彻底研究
    希望老人江诗信
    JavaScript正则表达式
    ASP日期和时间函数示例
    Asp网页制作技巧
    常见URL字符及URL编码值
    ASP.NET中如何调用存储过程
    【网摘】C#处理Json的另外一种方式 拓荒者
    使用Lucene.net进行全文查找多关键字匹配 拓荒者
    C#通用类型转换 Convert.ChangeType 拓荒者
  • 原文地址:https://www.cnblogs.com/1lin24/p/12964684.html
Copyright © 2011-2022 走看看