Step a: Construction Nginx server
yum -Y PCRE the install GCC -devel OpenSSL -devel # install dependencies
wget http://nginx.org/download/nginx-1.12.2.tar.gz (Ali source can also be configured with a mounting yum)
tar -xf nginx -1.12.2 Tar.gz
./configure \
--prefix = / usr / local / Nginx \ specify the installation path #
--user = nginx \ # specify the user
--group = nginx \ # specified group
- with -http_ssl_module # turn on SSL encryption
make && make install # compile and install (If you do not make install install yourself)
Nginx usage command
/ usr / local / nginx / sbin / nginx start the service #
/ usr / local / nginx / sbin / nginx -s STOP # shut down service
/ usr / local / nginx / sbin / nginx -s reload to reload the configuration file #
/ usr / local / nginx / sbin / nginx -V # View software information
At this point it is nginx installed and started saying modify and complete the following under the action profiles
User authentication, then open configuration is as follows:
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name localhost;
auth_basic "the Input Password:" ; // authentication prompt information
auth_basic_user_file "/ usr / local / nginx / Pass" ; // authentication password file
location / {
root html;
index index.html index.htm;
}
}
After the configuration file is generated password, create a user and password
yum -y install httpd-tools
htpasswd - c / usr / local / nginx / Pass tom // create the password file
/ Usr / local / nginx / Pass Jerry // additional users, do not use the -c option
Creating user and password will be stored in / usr / local / nginx / pass under
/ usr / local / nginx / sbin / nginx -s reload // reload the configuration file with wab will then access a user name and password
Source installation must use the --with-http_ssl_module parameters Nginx, enable encryption module for the site needs to add ssl SSL encryption processing related instructions (website set up private keys and certificates needed).
Encryption algorithms are generally divided into symmetric algorithms, asymmetric algorithms, message digest.
Symmetric algorithms are: AES, DES, mainly used in stand-alone data encryption.
Asymmetric algorithms: RSA, DSA, mainly used in network data encryption.
Information Summary: MD5, sha256, mainly used in data integrity check.
Generating a private key and certificate
cd /usr/local/nginx/conf
genrsa OpenSSL > CERT .key // generate a private key
REQ OpenSSL - new new -x509- -key CERT .key > CERT .pem // generate a certificate
Nginx modify configuration files, encrypted Web site set up virtual hosts
vim /usr/local/nginx/conf/nginx.conf
- server {
- listen 443 ssl;
- server_name www.c.com;
- CERT ssl_certificate .pem ; # This is the certificate file
- CERT ssl_certificate_key .key ; # This is the private key file
- ssl_session_cache shared:SSL:1m;
- ssl_session_timeout 5m;
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- location / {
- root html;
- index index.html index.htm;
- }
- }
/ usr / local / nginx / sbin / nginx -s reload reload configuration
Modify the client host / etc / hosts file 192.168.4.10, the domain name resolution
- vim /etc/hosts
- 192.168.4.5 www.c.com www.a.com www.b.com
HTTPS Firefox : After //www.c.com // trust certificates can be accessed