一、编译安装nginx

1.1 获取源码包

[root@cetnos7 ~]#wget -O /usr/local/src/nginx-1.18.0.tar.gz http://nginx.org/download/nginx-1.18.0.tar.gz

[root@cetnos7 ~]#cd /usr/local/src/

[root@cetnos7 src]#tar xvf nginx-1.18.0.tar.gz

1.2 准备工作

[root@cetnos7 ~]#yum -y install gcc pcre-devel openssl-devel zlib-devel

[root@cetnos7 ~]#useradd -s /sbin/nologin nginx

1.3 进行编译

[root@cetnos7 ~]#cd nginx-1.18.0

[root@cetnos7 nginx-1.18.0]#./configure --prefix=/apps/nginx \

 --user=nginx \

 --group=nginx \

 --with-http_ssl_module \

 --with-http_v2_module \

 --with-http_realip_module \

 --with-http_stub_status_module \

 --with-http_gzip_static_module \

 --with-pcre \

 --with-stream \

 --with-stream_ssl_module \

 --with-stream_realip_module

[root@cetnos7 nginx-1.18.0]#make -j 4 && make install

[root@cetnos7 nginx-1.18.0]#chown -R nginx.nginx /apps/nginx

[root@cetnos7 nginx-1.18.0]#ll /apps/nginx/

total 0

drwxr-xr-x 2 nginx nginx 333 Nov 28 13:37 conf

drwxr-xr-x 2 nginx nginx  40 Nov 28 13:37 html

drwxr-xr-x 2 nginx nginx   6 Nov 28 13:37 logs

drwxr-xr-x 2 nginx nginx  19 Nov 28 13:37 sbin

1.4 创建server文件

[root@centos7 ~]#vim /usr/lib/systemd/system/nginx.service

[Unit]

Description=nginx - high performance web server

Documentation=http://nginx.org/en/docs/

After=network-online.target remote-fs.target nss-lookup.target

Wants=network-online.target

[Service]

Type=forking

PIDFile=/apps/nginx/run/nginx.pid

ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf

ExecReload=/bin/kill -s HUP $MAINPID

ExecStop=/bin/kill -s TERM $MAINPID

[Install]

WantedBy=multi-user.target

[root@centos7 ~]#mkdir /apps/nginx/run/    #创建pid目录

[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf

pid /apps/nginx/run/nginx.pid;

1.5 启动nginx

[root@cetnos7 ~]# ln -s /apps/nginx/sbin/nginx /usr/sbin/

[root@cetnos7 ~]#nginx -v

nginx version: nginx/1.18.0

[root@cetnos7 ~]#systemctl enable --now nginx

[root@cetnos7 ~]#ll /apps/nginx/run/

total 4

-rw-r--r-- 1 root root 5 Nov 28 13:57 nginx.pid

二、实现多域名

2.1 声明子配置文件

[root@cetnos7 ~]#vim /apps/nginx/conf/nginx.conf

http {

  include         /apps/nginx/conf.d/*.conf;  #在http语句块添加此行

}

[root@cetnos7 ~]#mkdir /apps/nginx/conf.d -v

[root@cetnos7 ~]#touch /apps/nginx/conf.d/test{1..3}.conf #创建子配置文件

2.2 子配置文件配置

[root@cetnos7 ~]#cd /apps/nginx/conf.d

[root@cetnos7 ~]#cat test1.conf

server  {

    listen          80;

    server_name     www.pc.test1.org;

    location / {

        root        /data/nginx/html/test1;

        index	    index.html;

    }

}

[root@cetnos7 ~]#cat test2.conf

server  {

    listen          80;

    server_name     www.pc.test2.org;

    location / {

        root        /data/nginx/html/test2;

        index	    index.html;

    }

}

[root@cetnos7 ~]#cat test3.conf

server  {

    listen          80;

    server_name     www.pc.test3.org;

    location / {

        root        /data/nginx/html/test3;

        index	    index.html;

    }

}

2.3 创建web目录

[root@cetnos7 conf.d]#mkdir /data/nginx/html/test{1..3} -p

[root@cetnos7 conf.d]#echo "<h1>pc.test1<h1>" > test1/index.html

[root@cetnos7 conf.d]#echo "<h1>pc.test2<h1>" > test2/index.html

[root@cetnos7 conf.d]#echo "<h1>pc.test3<h1>" > test3/index.html

2.4 重启nginx

[root@cetnos7 ~]#nginx -t  #检查配置语法是否正确

nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok

nginx: configuration file /apps/nginx/conf/nginx.conf test is successful

[root@cetnos7 ~]#nginx -s reload

2.5 测试

[root@client ~]#cat /etc/hosts

10.0.0.7    test1.org test2.org test3.org  #添加本地域名解析

[root@client ~]#curl www.pc.test1.org  www.pc.test2.org www.pc.test3.org

<h1>pc.test1<h1>

<h1>pc.test2<h1>

<h1>pc.test3<h1>

三、实现https

3.1 生成自签名证书

[root@centos7 ~]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 3650 -out ca.crt

Generating a 4096 bit RSA private key

...++

..............................................................................................................................................................................................................................................................................................................................................................................................................................................++

writing new private key to 'ca.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Shanghai

Locality Name (eg, city) [Default City]:Shanghai

Organization Name (eg, company) [Default Company Ltd]:test.org

Organizational Unit Name (eg, section) []:test

Common Name (eg, your name or your server's hostname) []:ca.test.org

Email Address []:admin@123.org

[root@7-1 certs]#ll

total 8

-rw-r--r-- 1 root root 2102 Nov 28 15:39 ca.crt

-rw-r--r-- 1 root root 3272 Nov 28 15:39 ca.key

3.2自制key和csr文件

[root@7-1 certs]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout www.test1.org.key -out www.test1.org.csr  #重复此步骤,生成test2,test3的相关文件

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing

Locality Name (eg, city) [Default City]:Beijing

Organization Name (eg, company) [Default Company Ltd]:test.org

Organizational Unit Name (eg, section) []:nginx

Common Name (eg, your name or your server's hostname) []:www.pc.test1.org

Email Address []:root@test1.org

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

##注意国家,省,公司这个三个参数要与CA的对应##

#签发证书

[root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test1.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test1.org.crt

[root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test2.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test2.org.crt

[root@7-1 certs]#openssl x509 -req -days 3650 -in www.pc.test3.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.pc.test3.org.crt

#合并证书文件

[root@7-1 certs]#cat www.pc.test1.org.crt  ca.crt > www.test1.org.pem

[root@7-1 certs]#cat www.pc.test2.org.crt  ca.crt > www.test2.org.pem

[root@7-1 certs]#cat www.pc.test3.org.crt  ca.crt > www.test3.org.pem

#证书文件目录如下

total 60

-rw-r--r-- 1 root root 1103 Nov 28 16:07 ca.crt

-rw------- 1 root root 1708 Nov 28 16:07 ca.key

-rw-r--r-- 1 root root 1046 Nov 28 15:46 www.pc.test1.org.crt

-rw-r--r-- 1 root root  968 Nov 28 15:46 www.pc.test1.org.csr

-rw------- 1 root root 1708 Nov 28 15:46 www.pc.test1.org.key

-rw-r--r-- 1 root root 2149 Nov 28 15:48 www.pc.test1.org.pem

-rw-r--r-- 1 root root 1046 Nov 28 16:07 www.pc.test2.org.crt

-rw-r--r-- 1 root root  968 Nov 28 16:07 www.pc.test2.org.csr

-rw------- 1 root root 1708 Nov 28 16:07 www.pc.test2.org.key

-rw-r--r-- 1 root root 2149 Nov 28 16:07 www.pc.test2.org.pem

-rw-r--r-- 1 root root 1046 Nov 28 16:01 www.pc.test3.org.crt

-rw-r--r-- 1 root root  968 Nov 28 16:01 www.pc.test3.org.csr

-rw------- 1 root root 1704 Nov 28 16:01 www.pc.test3.org.key

-rw-r--r-- 1 root root 2149 Nov 28 16:02 www.pc.test3.org.pem

3.3 修改配置文件

##在各子配置文件的sever语句块添加,如下内容以test1为例:

server  {

    listen          80;

    listen 	    443 ssl;

    server_name     www.pc.test1.org;

    ssl_certificate /apps/nginx/certs/www.test1.org.pem;

    ssl_certificate_key /apps/nginx/certs/www.test1.org.key;

    ssl_session_cache shared:sslcache:20m;

    ssl_session_timeout 10m;

    location / {

        root        /data/nginx/html/test1;

        index        index.html;

    }

}

[root@cetnos7 ~]#nginx -t

[root@cetnos7 ~]#nginx -s reload

3.4 访问测试

[root@client ~]#curl https://www.pc.test1.org -k

<h1>pc.test1<h1>

[root@client ~]#curl https://www.pc.test2.org -k

<h1>pc.test2<h1>

[root@client ~]#curl https://www.pc.test3.org -k

<h1>pc.test3<h1>



编译安装nginx,实现多域名 https的更多相关文章

  1. centos7编译安装nginx及无缝升级https

    安装依赖: yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel 下载nginx: wget -c  ...

  2. Centos7 编译安装 Nginx PHP Mariadb Memcached 扩展 ZendOpcache扩展 (实测 笔记 Centos 7.3 + Mariadb 10.1.20 + Nginx 1.10.2 + PHP 7.1.0 + Laravel 5.3 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  3. Centos7 编译安装 Nginx PHP Mariadb Memcached 扩展 ZendOpcache扩展 (实测 笔记 Centos 7.3 + Openssl 1.1.0e + Mariadb 10.1.22 + Nginx 1.12.0 + PHP 7.1.4 + Laravel 5.4 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

  4. 初识Nginx及编译安装Nginx

    初识Nginx及编译安装Nginx 环境说明: 系统版本    CentOS 6.9 x86_64 软件版本    nginx-1.12.2 1.什么是Nginx? 如果你听说或使用过Apache软件 ...

  5. Mac Pro 编译安装 Nginx 1.8.1

    #下载相关源码包,统一放到 /usr/local/src 目录下: http://nginx.org/download/nginx-1.8.1.tar.gz http://zlib.net/zlib- ...

  6. 【转】linux 编译安装nginx,配置自启动脚本

    linux 编译安装nginx,配置自启动脚本 本文章来给各位同学介绍一篇关于linux 编译安装nginx,配置自启动脚本教程,希望有需要了解的朋友可一起来学习学习哦. 在公司的suse服务器装ng ...

  7. linux 编译安装nginx,配置自启动脚本

    本文章来给各位同学介绍一篇关于linux 编译安装nginx,配置自启动脚本教程,希望有需要了解的朋友可一起来学习学习哦. 在公司的suse服务器装nginx,记录下安装过程: 参照这篇文章:Linu ...

  8. Ubuntu 16.04源码编译安装nginx 1.10.0

    一.下载相关的依赖库 pcre 下载地址 http://120.52.73.43/jaist.dl.sourceforge.net/project/pcre/pcre/8.38/pcre-8.38.t ...

  9. Centos7 编译安装 Nginx Mariadb Asp.net Core2 (实测 笔记 Centos 7.3 + Openssl 1.1.0h + Mariadb 10.3.7 + Nginx 1.14.0 + Asp.net. Core 2 )

    环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) 系统版本:CentOS-7-x86_64-Minimal-1611.iso 安装步骤: 1.准备 1.0 查看硬 ...

随机推荐

  1. yum 下载安装包以及依赖包

    有时候我在用yum安装软件,依赖包比较多,还受网速的影响.所以我们可以将安装包以及依赖包下载到本地安装,这样会快捷很多. yum 提供了这种功能 yum -y install yum-utils 下载 ...

  2. 『德不孤』Pytest框架 — 1、Pytest测试框架介绍

    目录 1.什么是单元测试框架 2.单元测试框架主要做什么 3.单元测试框架和自动化测试框架有什么关系 4.Pytest测试框架说明 5.Pytest框架和Unittest框架区别 (1)Unittes ...

  3. next中layout

    layout是页面模板,主要是为了做到无论在任何页面都会显示的内容,例如头部header,或者nav导航,页脚等固定页面.nuxt配置以及layout具体参考(https://cloud.tencen ...

  4. Scrapy的Item_loader机制详解

    一.ItemLoader与Item的区别 ItemLoader是负责数据的收集.处理.填充,item仅仅是承载了数据本身 数据的收集.处理.填充归功于item loader中两个重要组件: 输入处理i ...

  5. PPT2010制作充电动画

    原文: https://www.toutiao.com/i6492264647318569486/ 启动PPT2010,新建一张空白幻灯片 选择"插入"选项卡,"插图&q ...

  6. Feign的应用

    一.定义 可以把Rest的请求进行隐藏,伪装成类似SpringMVC的Controller一样 它集成了ribbon.hystrix.eureka组件 Feign的日志级别需要自定义,因为日志是单独的 ...

  7. LINUX学习-Mysql集群-主从服务器备份

    一.Mysql主从集群备份. 1.准备两台主机 主服务器:192.168.88.20和从服务器:192.168.88.30 2.分别安装mysql yum -y -install mysql mysq ...

  8. 【基因组学】maker的安装和注释

    本文默认读者有一定的生信基础,没有基础的可以阅读以前的笔记内容. maker作为比较受人认可的基因组注释软件,其流程较为清晰简单. 不知何故,我的conda无法安装maker,故而采用手动安装方式. ...

  9. promise抛异常,执行队列

    //promise抛出异常 new Promise((resolve,reject)=>{ resolve("成功") }).then(res=>{ if(res != ...

  10. python+fastdfs+nginx实现打包下载功能

    环境介绍:生产服务器开发人员需要给client下发数据,主要是图片及视频:图片服务器用fastdfs,下载由nginx 来提供: java 程序来调用此脚本,传递参数来决定打包文件内容: #!/usr ...