How to configure HTTPS Server with Self-Signed Certificate on nginx
跳到导航
跳到搜索
Generate a self-signed certification:
openssl req -new -x509 -sha256 -days 365 -nodes -out nginx.pem -keyout nginx.key
Generate a Certificate Signing Request for a Commercial SSL Certificate
openssl req -new -days 365 -nodes -keyout example.com.key -out example.com.csr
You can provide the example.com.csr
file to a commercial certificate provider for signing.
You will receive a signed certificate file after the CA signs the request. Save this file as example.com.crt
.
Configure Nginx:
copy nginx.pem and nginx.key or example.com.key and example.com.crt to /etc/nginx
Use self-signed certification:
server {
listen 443 ssl;
server_name yourdomain.com;
keepalive_timeout 70;
ssl_certificate nginx.pem;
ssl_certificate_key nginx.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
...
}
use Commercial SSL Certificate:
server {
listen 443 ssl;
server_name www.example.com;
keepalive_timeout 70;
ssl_certificate example.com.crt;
ssl_certificate_key example.com.key;;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
...
}