Nginx – 盧尛朋友

CentOS 7 使用 openssl 產生 SSL 憑證 (NGINX 範例)

2017-05-30 by Ru Ru·0 Comments

1．安裝 NGINX

yum -y install nginx

1	yum -y install nginx

2．建立 SSL 憑證存放目錄

mkdir /etc/nginx/ssl

1	mkdir /etc/nginx/ssl

3．用 openssl 產生憑證

openssl req -new -x509 -sha256 -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -nodes -subj  '/C=TW/ST=Taiwan/L=Taipei/O=demo org/OU=demo org unit/CN=demodomain123.com'

1	openssl req -new -x509 -sha256 -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -nodes -subj '/C=TW/ST=Taiwan/L=Taipei/O=demo org/OU=demo org unit/CN=demodomain123.com'

4．設定 NGINX 的憑證、私鑰路徑，監聽 HTTPS

路徑：/etc/nginx/nginx.conf

server {
        listen 80 default_server;
        listen [::]:80 default_server;
        listen 443 ssl;

        root /usr/share/nginx/html;
        index index.html index.htm;

        server_name demodmoain123.com;

        ssl_certificate /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key /etc/nginx/ssl/nginx.key;

        location / {
                try_files $uri $uri/ =404;
        }
}

server {

listen 80 default_server;

listen [::]:80 default_server;

listen 443 ssl;

root /usr/share/nginx/html;

index index.html index.htm;

server_name demodmoain123.com;

ssl_certificate /etc/nginx/ssl/nginx.crt;

ssl_certificate_key /etc/nginx/ssl/nginx.key;

location / {

try_files $uri $uri/ =404;

}

5．重啟 NGINX

service nginx restart

1	service nginx restart

CentOS 7 – Nginx 安裝 LetsEncrypt 憑證

2017-04-28 by Ru Ru·0 Comments

LetsEncrypt 是免費的 SSL 憑證

官網：https://letsencrypt.org/

官網推薦的套件 Certbot，可透過指令取得憑證。

CentOS7-Nginx 安裝說明文件

1．首先安裝 EPEL 套件

yum -y install epel-release

1	yum -y install epel-release

2．安裝 Certbot

yum -y install certbot

1	yum -y install certbot

3．驗證並取得憑證 (如果沒有 Nginx 就裝一下吧，yum -y intsall nginx)

certbot certonly --webroot -w /usr/share/nginx/html -d www.rusnake.com

1	certbot certonly --webroot -w /usr/share/nginx/html -d www.rusnake.com

-w：後面接網站根目錄

-d：為域名 (Domain Name)

Nginx 調整上傳限制

2016-09-05 by Ru Ru·0 Comments

1．編輯 php.ini

/etc/php.ini

1	/etc/php.ini

調整上傳檔案、POST 限制

upload_max_filesize = 16M
post_max_size = 16M

1 2	upload_max_filesize = 16M post_max_size = 16M

2．編輯 nginx.conf

/etc/nginx/nginx.conf

1	/etc/nginx/nginx.conf

加入或修改客戶端上傳限制

http {
    client_max_body_size 16m;
}

http {

client_max_body_size 16m;

}

3．重新載入 PHP 、NGINX 設定

service nginx reload
service php-fpm reload

1 2	service nginx reload service php-fpm reload

盧尛朋友

學海無涯，回頭是ㄢ‵

分類: Nginx

CentOS 7 使用 openssl 產生 SSL 憑證 (NGINX 範例)

CentOS 7 – Nginx 安裝 LetsEncrypt 憑證

Nginx 調整上傳限制