要求 :
1 nginx 1.9版本以上。
2 openssl
3 pcre
1 sudo apt-get install openssl libssl-dev
2 tar -zxvf pcre-8.36.tar.gz
cd pcre-8.36
./configure
make && make install
以上准备工作已经完成。以下开始进入安装。
3 安装openssl
一、解压
tar -xzvf ./openssl-1.0.1t.tar.gz
二、配置
cd openssl-1.0.1t/
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
三、编译&&安装
make && make install
# 查看安装版本
[root@localhost openssl]# openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Mon Jun 29 12:45:07 UTC 2015
platform: linux-x86_64
出现 POD document had syntax errors at /usr/bin/pod2man line 69.
make: *** [install_docs] Error 1
直接 rm -f /usr/bin/pod2man 重新编译安装即可
如果出现openssl版本不对,请安装对应的版本OPENSSL,
cd openssl-1.0.2/
./config --prefix=/opt/robustlink/openssl/ssl
make && make install
创建软连接
ln -s /opt/robustlink/openssl/ssl/bin/openssl /usr/bin/openssl
ln -s /opt/robustlink/openssl/ssl/include/openssl /usr/include/openssl
并检查相应版本 openssl version -a
如果确认openssl安装成功,并且版本检查也正确,但是还是提示版本太低 请直接删除 /usr/bin/openssl /usr/include/openssl 这两个软连接
如果相关路径权限不允许 请chown 一下
4 编译 nginx
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-stream --with-http_ssl_module --with-openssl=/opt/robustlink/openssl/ssl --conf-path=/usr/local/nginx/nginx.conf
nginx 安装出错
打开nginx源文件下的/usr/local/src/nginx-1.9.9/auto/lib/openssl/conf文件:
找到以下代码
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
修改为如下
CORE_INCS="$CORE_INCS $OPENSSL/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libcrypto.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } stream{ upstream MQTT_1883 { #hash $remote_addr consistent; server 172.16.18.205:1883; server 172.16.18.206:1883; server 172.16.18.207:1883; } upstream MQTT_1884 { #hash $remote_addr consistent; server 172.16.18.205:1884; server 172.16.18.206:1884; server 172.16.18.207:1884; } server { listen 1883; proxy_pass MQTT_1883; proxy_connect_timeout 5s; #快速故障检查 proxy_timeout 6s; #设置超时时间,连接将超时断开。 proxy_download_rate 1k; #限制下载速度为1k proxy_upload_rate 1000k; #限制上传速度为10k #limit_conn ip_addr 1; ##是限制每个IP只能发起1个连接 (addr 要跟 limit_conn_zone 的变量对应) #allow 0.0.0.0; #acl,设置允许访问IP地址; #deny all; } server { listen 1884; proxy_pass MQTT_1884; proxy_connect_timeout 1s; #快速故障检查 proxy_timeout 3s; #设置超时时间,连接将超时断开。 proxy_download_rate 1k; #限制下载速度为1k proxy_upload_rate 1000k; #限制上传速度为10k #limit_conn ip_addr 1; ##是限制每个IP只能发起1个连接 (addr 要跟 limit_conn_zone 的变量对应) #allow 0.0.0.0; #acl,设置允许访问IP地址; #deny all; } } http { include mime.types; default_type application/octet-stream; client_max_body_size 500M; sendfile on; keepalive_timeout 65; upstream link.robustel.com.iot{ server 172.16.18.250:8080 ; } server { listen 80; server_name localhost; location / { root html; index login.html index.html index.htm; } location /iot { proxy_pass http://link.robustel.com.iot/iot; root html; index index.html index.htm; } location /pl { proxy_pass http://link.robustel.com.iot/pl; root html; index index.html index.htm; } location /link { proxy_pass http://link.robustel.com.iot/link; root html; index index.html index.htm; } location /rlink { proxy_pass http://link.robustel.com.iot/rlink; root html; index index.html index.htm; } error_page 404 = login.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }