CentOS7 nginx 自签名域名:ctyunaidev7100做tls端口做成Shell脚本一键生成无需手动填写信息。有效时间10年给出配置nginx ssl 的实例如果访问HTTP自动跳转到HTTPS
以下是生成SSL证书的Shell脚本:
#!/bin/bash
DOMAIN="ctyunai.dev"
VALID_DAYS="3650"
NGINX_CONF="/etc/nginx/conf.d/default.conf"
NGINX_RELOAD="systemctl reload nginx"
# Generate SSL certificate
openssl req -x509 -nodes -days $VALID_DAYS -newkey rsa:2048 -keyout /etc/nginx/ssl/$DOMAIN.key -out /etc/nginx/ssl/$DOMAIN.crt -subj "/C=CN/ST=BeiJing/L=HaiDian/O=ctyunai/OU=ctyunai/CN=$DOMAIN"
# Update nginx configuration
sed -i "s/listen 80;/listen 7100 ssl;/g" $NGINX_CONF
sed -i '/^\tlisten 7100 ssl;$/a \\\tssl_certificate \/etc\/nginx\/ssl\/'$DOMAIN'.crt\;' $NGINX_CONF
sed -i '/^\tssl_certificate \/etc\/nginx\/ssl\/'$DOMAIN'.crt\;$/a \\\tssl_certificate_key \/etc\/nginx\/ssl\/'$DOMAIN'.key\;' $NGINX_CONF
# Reload nginx
$NGINX_RELOAD
然后是nginx配置文件的示例:
server {
listen 80;
server_name ctyunai.dev;
# Redirect all HTTP traffic to HTTPS
return 301 https://$host$request_uri;
}
server {
listen 7100 ssl;
server_name ctyunai.dev;
ssl_certificate /etc/nginx/ssl/ctyunai.dev.crt;
ssl_certificate_key /etc/nginx/ssl/ctyunai.dev.key;
location / {
root /var/www/html;
index index.html;
}
}
以上配置文件中第一个server块将所有HTTP流量重定向到HTTPS,第二个server块监听7100端口,并启用SSL。请注意将实际的证书和密钥文件路径替换为脚本中生成的路径。最后,重新加载nginx以应用更改。
原文地址: https://www.cveoy.top/t/topic/bQD8 著作权归作者所有。请勿转载和采集!