zoukankan      html  css  js  c++  java
  • config https in nginx(free)

    get server.key with password

    openssl genrsa -des3 -out server.key 2048
    

    get server.key no password

    openssl rsa -in server.key -out server.key
    

    get server.csr

    openssl req -new -key server.key -out server.csr
    country name: CN
    common name: mysite.com
    

    get ca.crt

    openssl req -new -x509 -key server.key -out ca.crt -days 3650
    

    get server.crt

    openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey server.key -CAcreateserial -out server.crt
    

    config ssl.conf

    server {
        listen 443 ssl;
        server_name localhost;
        ssl_certificate /root/keys/server.crt;
        ssl_certificate_key /root/keys/server.key;
    
        ssl_session_timeout 5m; 
        ssl_protocols SSLv2 SSLv3 TLSv1; 
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; 
        ssl_prefer_server_ciphers on;
    }
    

    open 443 port

    iptables -I INPUT -p tcp --dport 443 -j ACCEPT
    

    restart nginx

    nginx -s stop
    nginx
    
  • 相关阅读:
    二维数组和指向指针的指针
    多路复用构建高性能服务器
    disque概要
    漫谈云计算与SOA (1)
    zeromq
    自定义内存分配
    基于行的操作
    反应器类型的操作
    多个流,简短的读和写
    缓存
  • 原文地址:https://www.cnblogs.com/otfsenter/p/9723129.html
Copyright © 2011-2022 走看看