目录
一、Nginx安装
安装 Nginx 官方的 YUM 仓库配置包
bash
rpm -Uvh https://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm找不到可用手动打开 https://nginx.org/packages/centos/7/noarch/RPMS 网页看看文件名是否正常
检测配置包是否可用
bash
yum repolist all | grep nginx如果显示enabled表示可用,直接运行命令安装
bash
yum install nginx -y如果没有显示enabled
bash
vim /etc/yum.repos.d/nginx.repo写入下面配置
bash
[nginx]
name=nginx repo
baseurl=http://mirrors.aliyun.com/nginx/packages/centos/7/$basearch/
gpgcheck=0
enabled=1然后运行命令进行安装
bash
yum clean all
yum makecache
yum install nginx -y二、启动Nginx
bash
service nginx start三、启用HTTPS协议
(1)申请免费ssl证书
在腾讯云免费申请一个ssl证书
下载下来
下载下来是一个压缩包,把它里面内容都放到服务器
/etc/nginx/目录
(2)修改配置
vim /etc/nginx/nginx.conf
bash
http {
......
server {
#SSL 设置访问端口
listen 443 ssl; # 必须443
#填写绑定证书的域名
server_name xxx.cn www.xxx.cn; # 我解析里配置了两种域名都可以访问
#证书文件名称
ssl_certificate www.xxx.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key www.xxx.cn.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCMSHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:8801; # 设置自定义端口号8801
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 禁用http
server {
listen 80;
server_name xxx.cn www.xxx.cn;
return 404;
}
}重新启动nginx
bash
service nginx restart如果遇到错误,查看状态!
bash
systemctl status nginx.servicefinish!