今天要调试一个SSL证书的有效性,在Apache下完全正常,就试着放到Nginx下做测试,根据网上的教程安装配置完成后,启动Nginx都正常,也让我输入证书的密码了……但就是无法访问,日志上报证书的密码出错,后来自己摸索了一下,是一些教程写地不够详细,下面是我的安装步骤:
1.下载安装包
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.9.tar.gz wget http://www.nginx.com.cn/download/nginx-0.8.20.tar.gz wget http://www.openssl.org/source/openssl-0.9.8d.tar.gz wget http://labs.frickle.com/files/ngx_cache_purge-1.2.tar.gz
2.安装pcre
tar -zvxf pcre-7.9.tar.gz cd pcre-7.9 ./configure make -j10 make install
3.安装OpneSsl
tar -zvxf openssl-0.9.8d.tar.gz cd openssl-0.9.8d ./config make -j10 make install
4.安装Nginx
tar -zvxf ngx_cache_purge-1.2.tar.gz tar -zvxf nginx-0.8.20.tar.gz cd nginx-0.8.20 /usr/sbin/groupadd www /usr/sbin/useradd -g www www ./configure –user=www –group=www –add-module=../ngx_cache_purge-1.2 –with-md5=/usr/lib –with-sha1=/usr/lib –with-cc-opt="-I /usr/local/pcre -I /usr/local/ssl/include/openssl" –with-http_ssl_module –with-http_stub_status_module make -j10 make install
5.配置Nginx
……(略去)
server
{
listen 443;
server_name 你的域名;
ssl on;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;(定义好上面两个证书文件的路径和文件名)
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
index index.html index.htm index.jsp;
root /via/www/root;
location /
……(略去) 6.启动Nginx
/usr/local/nginx/sbin/nginx
说点什么吧