一、编译安装nginx

1.1 获取源码包

  1. [root@cetnos7 ~]#wget -O /usr/local/src/nginx-1.18.0.tar.gz http://nginx.org/download/nginx-1.18.0.tar.gz
  2. [root@cetnos7 ~]#cd /usr/local/src/
  3. [root@cetnos7 src]#tar xvf nginx-1.18.0.tar.gz

1.2 准备工作

  1. [root@cetnos7 ~]#yum -y install gcc pcre-devel openssl-devel zlib-devel
  2. [root@cetnos7 ~]#useradd -s /sbin/nologin nginx

1.3 进行编译

  1. [root@cetnos7 ~]#cd nginx-1.18.0
  2. [root@cetnos7 nginx-1.18.0]#./configure --prefix=/apps/nginx \
  3.  --user=nginx \
  4.  --group=nginx \
  5.  --with-http_ssl_module \
  6.  --with-http_v2_module \
  7.  --with-http_realip_module \
  8.  --with-http_stub_status_module \
  9.  --with-http_gzip_static_module \
  10.  --with-pcre \
  11.  --with-stream \
  12.  --with-stream_ssl_module \
  13.  --with-stream_realip_module
  14. [root@cetnos7 nginx-1.18.0]#make -j 4 && make install
  15. [root@cetnos7 nginx-1.18.0]#chown -R nginx.nginx /apps/nginx
  16. [root@cetnos7 nginx-1.18.0]#ll /apps/nginx/
  17. total 0
  18. drwxr-xr-x 2 nginx nginx 333 Nov 28 13:37 conf
  19. drwxr-xr-x 2 nginx nginx  40 Nov 28 13:37 html
  20. drwxr-xr-x 2 nginx nginx   6 Nov 28 13:37 logs
  21. drwxr-xr-x 2 nginx nginx  19 Nov 28 13:37 sbin

1.4 创建server文件

  1. [root@centos7 ~]#vim /usr/lib/systemd/system/nginx.service
  2. [Unit]
  3. Description=nginx - high performance web server
  4. Documentation=http://nginx.org/en/docs/
  5. After=network-online.target remote-fs.target nss-lookup.target
  6. Wants=network-online.target
  8. [Service]
  9. Type=forking
  10. PIDFile=/apps/nginx/run/nginx.pid
  11. ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
  12. ExecReload=/bin/kill -s HUP $MAINPID
  13. ExecStop=/bin/kill -s TERM $MAINPID
  15. [Install]
  16. WantedBy=multi-user.target
  18. [root@centos7 ~]#mkdir /apps/nginx/run/    #创建pid目录
  19. [root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
  20. pid /apps/nginx/run/nginx.pid;

1.5 启动nginx

  1. [root@cetnos7 ~]# ln -s /apps/nginx/sbin/nginx /usr/sbin/
  2. [root@cetnos7 ~]#nginx -v
  3. nginx version: nginx/1.18.0
  4. [root@cetnos7 ~]#systemctl enable --now nginx
  5. [root@cetnos7 ~]#ll /apps/nginx/run/
  6. total 4
  7. -rw-r--r-- 1 root root 5 Nov 28 13:57 nginx.pid

二、实现多域名

2.1 声明子配置文件

  1. [root@cetnos7 ~]#vim /apps/nginx/conf/nginx.conf
  2. http {
  3.   include         /apps/nginx/conf.d/*.conf;  #在http语句块添加此行
  4. }
  5. [root@cetnos7 ~]#mkdir /apps/nginx/conf.d -v
  6. [root@cetnos7 ~]#touch /apps/nginx/conf.d/test{1..3}.conf #创建子配置文件

2.2 子配置文件配置

  1. [root@cetnos7 ~]#cd /apps/nginx/conf.d
  2. [root@cetnos7 ~]#cat test1.conf
  3. server  {
  4.     listen          80;
  5.     server_name     www.pc.test1.org;
  6.     location / {
  7.         root        /data/nginx/html/test1;
  8.         index	    index.html;
  9.     }
  10. }
  12. [root@cetnos7 ~]#cat test2.conf
  13. server  {
  14.     listen          80;
  15.     server_name     www.pc.test2.org;
  16.     location / {
  17.         root        /data/nginx/html/test2;
  18.         index	    index.html;
  19.     }
  20. }
  22. [root@cetnos7 ~]#cat test3.conf
  23. server  {
  24.     listen          80;
  25.     server_name     www.pc.test3.org;
  26.     location / {
  27.         root        /data/nginx/html/test3;
  28.         index	    index.html;
  29.     }
  30. }

2.3 创建web目录

  1. [root@cetnos7 conf.d]#mkdir /data/nginx/html/test{1..3} -p
  2. [root@cetnos7 conf.d]#echo "<h1>pc.test1<h1>" > test1/index.html
  3. [root@cetnos7 conf.d]#echo "<h1>pc.test2<h1>" > test2/index.html
  4. [root@cetnos7 conf.d]#echo "<h1>pc.test3<h1>" > test3/index.html

2.4 重启nginx

  1. [root@cetnos7 ~]#nginx -t  #检查配置语法是否正确
  2. nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
  3. nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
  4. [root@cetnos7 ~]#nginx -s reload

2.5 测试

  1. [root@client ~]#cat /etc/hosts
  2. 10.0.0.7    test1.org test2.org test3.org  #添加本地域名解析
  3. [root@client ~]#curl www.pc.test1.org  www.pc.test2.org www.pc.test3.org
  4. <h1>pc.test1<h1>
  5. <h1>pc.test2<h1>
  6. <h1>pc.test3<h1>

三、实现https

3.1 生成自签名证书

  1. [root@centos7 ~]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 3650 -out ca.crt
  2. Generating a 4096 bit RSA private key
  3. ...++
  4. ..............................................................................................................................................................................................................................................................................................................................................................................................................................................++
  5. writing new private key to 'ca.key'
  6. -----
  7. You are about to be asked to enter information that will be incorporated
  8. into your certificate request.
  9. What you are about to enter is what is called a Distinguished Name or a DN.
  10. There are quite a few fields but you can leave some blank
  11. For some fields there will be a default value,
  12. If you enter '.', the field will be left blank.
  13. -----
  14. Country Name (2 letter code) [XX]:CN
  15. State or Province Name (full name) []:Shanghai
  16. Locality Name (eg, city) [Default City]:Shanghai
  17. Organization Name (eg, company) [Default Company Ltd]:test.org
  18. Organizational Unit Name (eg, section) []:test
  19. Common Name (eg, your name or your server's hostname) []:ca.test.org
  20. Email Address []:admin@123.org
  22. [root@7-1 certs]#ll
  23. total 8
  24. -rw-r--r-- 1 root root 2102 Nov 28 15:39 ca.crt
  25. -rw-r--r-- 1 root root 3272 Nov 28 15:39 ca.key

3.2自制key和csr文件

  1. [root@7-1 certs]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout www.test1.org.key -out www.test1.org.csr  #重复此步骤,生成test2,test3的相关文件
  2. -----
  3. Country Name (2 letter code) [XX]:CN
  4. State or Province Name (full name) []:Beijing
  5. Locality Name (eg, city) [Default City]:Beijing
  6. Organization Name (eg, company) [Default Company Ltd]:test.org
  7. Organizational Unit Name (eg, section) []:nginx
  8. Common Name (eg, your name or your server's hostname) []:www.pc.test1.org
  9. Email Address []:root@test1.org
  10. Please enter the following 'extra' attributes
  11. to be sent with your certificate request
  12. A challenge password []:
  13. An optional company name []:
  14. ##注意国家,省,公司这个三个参数要与CA的对应##
  16. #签发证书
  17. [root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test1.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test1.org.crt
  18. [root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test2.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test2.org.crt
  19. [root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test3.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test3.org.crt
  21. #合并证书文件
  22. [root@7-1 certs]#cat www.pc.test1.org.crt  ca.crt > www.test1.org.pem
  23. [root@7-1 certs]#cat www.pc.test2.org.crt  ca.crt > www.test2.org.pem
  24. [root@7-1 certs]#cat www.pc.test3.org.crt  ca.crt > www.test3.org.pem
  26. #证书文件目录如下
  27. total 60
  28. -rw-r--r-- 1 root root 1103 Nov 28 16:07 ca.crt
  29. -rw------- 1 root root 1708 Nov 28 16:07 ca.key
  30. -rw-r--r-- 1 root root 1046 Nov 28 15:46 www.pc.test1.org.crt
  31. -rw-r--r-- 1 root root  968 Nov 28 15:46 www.pc.test1.org.csr
  32. -rw------- 1 root root 1708 Nov 28 15:46 www.pc.test1.org.key
  33. -rw-r--r-- 1 root root 2149 Nov 28 15:48 www.pc.test1.org.pem
  34. -rw-r--r-- 1 root root 1046 Nov 28 16:07 www.pc.test2.org.crt
  35. -rw-r--r-- 1 root root  968 Nov 28 16:07 www.pc.test2.org.csr
  36. -rw------- 1 root root 1708 Nov 28 16:07 www.pc.test2.org.key
  37. -rw-r--r-- 1 root root 2149 Nov 28 16:07 www.pc.test2.org.pem
  38. -rw-r--r-- 1 root root 1046 Nov 28 16:01 www.pc.test3.org.crt
  39. -rw-r--r-- 1 root root  968 Nov 28 16:01 www.pc.test3.org.csr
  40. -rw------- 1 root root 1704 Nov 28 16:01 www.pc.test3.org.key
  41. -rw-r--r-- 1 root root 2149 Nov 28 16:02 www.pc.test3.org.pem

3.3 修改配置文件

  1. ##在各子配置文件的sever语句块添加,如下内容以test1为例:
  3. server  {
  4.     listen          80;
  5.     listen 	    443 ssl;
  6.     server_name     www.pc.test1.org;
  7.     ssl_certificate /apps/nginx/certs/www.test1.org.pem;
  8.     ssl_certificate_key /apps/nginx/certs/www.test1.org.key;
  9.     ssl_session_cache shared:sslcache:20m;
  10.     ssl_session_timeout 10m;
  11.     location / {
  12.         root        /data/nginx/html/test1;
  13.         index        index.html;
  14.     }
  15. }
  17. [root@cetnos7 ~]#nginx -t
  18. [root@cetnos7 ~]#nginx -s reload

3.4 访问测试

  1. [root@client ~]#curl https://www.pc.test1.org -k
  2. <h1>pc.test1<h1>
  3. [root@client ~]#curl https://www.pc.test2.org -k
  4. <h1>pc.test2<h1>
  5. [root@client ~]#curl https://www.pc.test3.org -k
  6. <h1>pc.test3<h1>



编译安装nginx,实现多域名 https的更多相关文章

  1. centos7编译安装nginx及无缝升级https

    安装依赖: yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel 下载nginx: wget -c  ...

  2. Centos7 编译安装 Nginx PHP Mariadb Memcached 扩展 ZendOpcache扩展 (实测 笔记 Centos 7.3 + Mariadb 10.1.20 + Nginx 1.10.2 + PHP 7.1.0 + Laravel 5.3 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  3. Centos7 编译安装 Nginx PHP Mariadb Memcached 扩展 ZendOpcache扩展 (实测 笔记 Centos 7.3 + Openssl 1.1.0e + Mariadb 10.1.22 + Nginx 1.12.0 + PHP 7.1.4 + Laravel 5.4 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  4. 初识Nginx及编译安装Nginx

    初识Nginx及编译安装Nginx 环境说明: 系统版本    CentOS 6.9 x86_64 软件版本    nginx-1.12.2 1.什么是Nginx? 如果你听说或使用过Apache软件 ...

  5. Mac Pro 编译安装 Nginx 1.8.1

    #下载相关源码包,统一放到 /usr/local/src 目录下: http://nginx.org/download/nginx-1.8.1.tar.gz http://zlib.net/zlib- ...

  6. 【转】linux 编译安装nginx,配置自启动脚本

    linux 编译安装nginx,配置自启动脚本 本文章来给各位同学介绍一篇关于linux 编译安装nginx,配置自启动脚本教程,希望有需要了解的朋友可一起来学习学习哦. 在公司的suse服务器装ng ...

  7. linux 编译安装nginx,配置自启动脚本

    本文章来给各位同学介绍一篇关于linux 编译安装nginx,配置自启动脚本教程,希望有需要了解的朋友可一起来学习学习哦. 在公司的suse服务器装nginx,记录下安装过程: 参照这篇文章:Linu ...

  8. Ubuntu 16.04源码编译安装nginx 1.10.0

    一.下载相关的依赖库 pcre 下载地址 http://120.52.73.43/jaist.dl.sourceforge.net/project/pcre/pcre/8.38/pcre-8.38.t ...

  9. Centos7 编译安装 Nginx Mariadb Asp.net Core2 (实测 笔记 Centos 7.3 + Openssl 1.1.0h + Mariadb 10.3.7 + Nginx 1.14.0 + Asp.net. Core 2 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

随机推荐

  1. CSS基础 水平居中案例

    html结构 <body> <div class="father"> <div class="son"></div&g ...

  2. 初识python: xlsxwriter 将数据写入Excel

    使用 xlsxwriter 模块将数据写入excel . #!/user/bin env python # author:Simple-Sir # time:2020/9/24 12:51 # 使用 ...

  3. Django_测试板块(六)

    本文初略的记录了Django测试板块相关信息,详情请阅官方文档:https://docs.djangoproject.com/zh-hans/3.1/topics/testing/ 开始写我们的第一个 ...

  4. Allwinner F1C100s coremark测试

    ccu register base:0x01c20000 devmem 0x01c20000 The PLL output=(24MHz*N*K)/(M*P) N=31 K=1 M=1 P=/1 re ...

  5. 缓存一致性性协议MESI笔记

    概述 今天的笔记只是讲解一下MESI的概念和使用场景的介绍,MESI(Modified Exclusive Shared Or Invalid)也称为伊利诺斯协议,是一种广泛使用的支持协会策略的缓存一 ...

  6. JS里默认和常用转换

    * { font-family: PingFang, Monaco } JS里的六大简单数据类型 string 字符类型 number 数字类型 boolean 布尔类型 symbol ES6语法新增 ...

  7. 【C++】字符串处理

    字符串处理 标签:c++ 目录 字符串处理 一.输入 1. scanf()函数 2. gets()函数 3. getchar()函数 二.输出 1. printf()函数 2. puts()函数: 3 ...

  8. golang gin框架中使用protocol buffers和JSON两种协议

    首先,我使用protobuf作为IDL,然后提供HTTP POST + JSON BODY的方式来发送请求. 能不能使用HTTTP POST + PB序列化后的二进制BODY呢? 做了一下尝试,非常简 ...

  9. 在DigitalOcean vps中安装vnstat监控流量,浏览器打开php代码。。。

    由于DigitalOcean中没有发现可以观察已用流量的功能,有想知道自己的流量使用情况,所以安装了vnstat. 安装过程十分简单,见百度经验,官方主页等. 1.安装完vnstat后,直接命令vns ...

  10. python文档2-unittest单元测试之mock.patch

    介绍mock里面另一种实现方式,patch装饰器的使用,patch() 作为函数装饰器,为您创建模拟并将其传递到装饰函数 patch简介 1.unittest.mock.patch(target,ne ...