一.查看nginx模块
/usr/local/nginx/sbin/nginx -V
二.安装openssl包
yum -y install pcre pcre-devel zlib zlib-devel openssl openssl-devel
三.重新编译nginx源码包,并且生成了新的obj目录
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-file-aio --with-http_realip_module
make ###到此结束, 千万不要make install ,否则会覆盖以前nginx的目录
四.备份nginx启动程序并且复制新生成obj目录的nginx启动文件
1.首先备份以前的启动程序
cp /usr/local/nginx/sbin/nginx nginx.bak
2.复制obj新生成的启动程序,覆盖到以前的nginx
cp /usr/local/nginx-1.7.9/objs/nginx /usr/local/nginx/sbin/nginx
3.检测nginx是否有问题,并切坚持模块是否添加成功
五.添加虚拟主机并且添加ssl域名证书。
server {
listen ;
server_name XX;
access_log /usr/local/nginx/logs/jXX_access.log;
error_log /usr/local/nginx/logs/XX_error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://XX/;
proxy_redirect off;
}
# error_page /50x.html;
#location = /50x.html {
# root $root_path;
# }
}
server {
listen ;
server_name XXX;
ssl on;
ssl_certificate /usr/local/nginx/conf/cert/.pem;
ssl_certificate_key /usr/local/nginx/conf/cert/.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1. TLSv1.;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://XXX/;
proxy_redirect off;
}
}
六.域名访问
