溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
實例1:為已安裝nginx動態添加模塊
以安裝rtmp媒流模塊為例:
1)下載第三方模塊到
[root@LNMP nginx-1.8.1]# git clone https://github.com/arut/nginx-rtmp-module.git
2)查看nginx編譯安裝時安裝的模塊
[root@LNMP nginx-1.8.1]# nginx -V nginx version: nginx/1.8.1 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-http_ssl_module
3)cd到源碼目錄添加模塊重新配置編譯
[root@LNMP nginx]# cd /root/tools/nginx-1.8.1 [root@LNMP nginx-1.8.1]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-http_ssl_module --add-module=/root/tools/nginx-1.8.1/nginx-rtmp-module
[root@LNMP nginx-1.8.1]# make
#此處只進行編譯不進行安裝,如安裝的話會覆蓋源文件。
4)在編譯完成后,會在當前目錄下生成一個objs文件夾,將nginx二進制文件拷貝到源安裝目錄下,注意備份源文件,然后查看編譯后的模塊。
[root@LNMP nginx-1.8.1]# mv /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.20170825 [root@LNMP nginx-1.8.1]# cp objs/nginx /usr/local/nginx/sbin/nginx [root@LNMP nginx-1.8.1]# nginx -V nginx version: nginx/1.8.1 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-http_ssl_module --add-module=/root/tools/nginx-1.8.1/nginx-rtmp-module [root@LNMP nginx-1.8.1]# nginx -s reload
實例2:nginx使用ssl模塊配置https支持
1、生成證書(注意此證書為自己頒發的在公網上不受信任)
1)生成一個rsa密鑰:
[root@LNMP ssl]# openssl genrsa -des3 -out test.key 1024 Generating RSA private key, 1024 bit long modulus ..............................++++++ ...........................++++++ e is 65537 (0x10001) Enter pass phrase for test.key: #輸入密碼,需要復雜性要求 Verifying - Enter pass phrase for test.key: #重復密碼
2)拷貝剛才的密碼文件,生成一個不需要密碼的密鑰文件:
[root@LNMP ssl]# openssl rsa -in test.key -out test_nopass.key Enter pass phrase for test.key: #輸入以上創建時輸入的密碼 writing RSA key
3)生成一個證書請求文件
[root@LNMP ssl]# openssl req -new -key test.key -out test.csr Enter pass phrase for test.key: #輸入以上創建時輸入的密碼 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn #國家 State or Province Name (full name) []:shanghai #省份 Locality Name (eg, city) [Default City]:shanghai #城市 Organization Name (eg, company) [Default Company Ltd]:shanghai information company Ltd #具體名稱 Organizational Unit Name (eg, section) []:test #單位名稱 Common Name (eg, your name or your server''s hostname) []:*.test.cn #服務器域名 Email Address []:admin@test.cn #郵箱 Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: #密碼為空,直接回車 An optional company name []: #密碼為空,直接回車
4)自己簽發證書
[root@LNMP ssl]# openssl x509 -req -days 365 -in test.csr -signkey test.key -out test.crt Signature ok subject=/C=cn/ST=shanghai/L=shanghai/O=shanghai information company Ltd/OU=test/CN=*.test.cn/emailAddress=admin@test.cn Getting Private key Enter pass phrase for test.key: #輸入test.key設置的密碼
2、配置nginx.conf文件
[root@LNMP ssl]# vim /usr/local/nginx/conf/nginx.conf
添加如下:
server {
listen 80;
server_name localhost;
listen 443; #監聽端口
ssl on; #開啟ssl
ssl_certificate /usr/local/nginx/conf/test.crt; #指定證書位置
ssl_certificate_key /usr/local/nginx/conf/test_nopass.key; #指定密鑰文件,如此處使用test.key則每次啟動nginx服務器需要舒服key密碼。[root@LNMP ssl]# nginx -s reload #重加載配置
-----------------------------------end-----------------------------------------------------
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
