[root@localhost src]# cd nginx-1.8.0
[root@localhost nginx-1.8.0]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.8.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
configure arguments: --prefix=/usr/local/nginx --add-module=/usr/local/src/echo-nginx-module
[root@localhost nginx-1.8.0]# ./configure --help |grep ssl
--with-http_ssl_module enable ngx_http_ssl_module
--with-mail_ssl_module enable ngx_mail_ssl_module
--with-openssl=DIR set path to OpenSSL library sources
--with-openssl-opt=OPTIONS set additional build options for OpenSSL[root@localhost nginx-1.8.0]# ./configure --with-http_ssl_module --prefix=/usr/local/nginx
Configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ md5: using OpenSSL library
+ sha1: using OpenSSL library
+ using system zlib library
nginx path prefix: "/usr/local/nginx"
nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"
[root@localhost nginx-1.8.0]# make install
cp conf/scgi_params '/usr/local/nginx/conf/scgi_params.default'
test -f '/usr/local/nginx/conf/nginx.conf' || cp conf/nginx.conf '/usr/local/nginx/conf/nginx.conf'
cp conf/nginx.conf '/usr/local/nginx/conf/nginx.conf.default'
test -d '/usr/local/nginx/logs' || mkdir -p '/usr/local/nginx/logs'
test -d '/usr/local/nginx/logs' || mkdir -p '/usr/local/nginx/logs'
test -d '/usr/local/nginx/html' || cp -R html '/usr/local/nginx'
test -d '/usr/local/nginx/logs' || mkdir -p '/usr/local/nginx/logs'
make[1]: 离开目录“/usr/local/src/nginx-1.8.0”
[root@localhost nginx-1.8.0]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.8.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --with-http_ssl_module --prefix=/usr/local/nginx
安装killlall命令
[root@localhost nginx-1.8.0]# yum install psmisc -y
[root@localhost nginx-1.8.0]# killall nginx
[root@localhost nginx-1.8.0]# killall nginx
[root@localhost vhost]# killall nginx
nginx: no process found
[root@localhost vhost]# /usr/local/nginx/sbin/nginx
[root@localhost vhost]# ps aux |grep nginx
root 5915 0.0 0.1 77140 1216 ? Ss 14:00 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 5916 0.0 0.4 79020 4080 ? S 14:00 0:00 nginx: worker process
nobody 5917 0.0 0.3 79020 3824 ? S 14:00 0:00 nginx: worker process
nobody 5918 0.0 0.1 77140 1724 ? S 14:00 0:00 nginx: cache manager process
nobody 5919 0.0 0.1 77140 1724 ? S 14:00 0:00 nginx: cache loader process
root 5921 0.0 0.0 112728 972 pts/0 R+ 14:00 0:00 grep --color=auto nginx
[root@localhost vhost]# vim test.com.conf
server
{
listen 443 ssl ;
server_name www.123.com;
index index.html;
root /data/wwwroot/1.com;
ssl on;
ssl_certificate /etc/pki/ca_test/server/server.crt;
ssl_certificate_key /etc/pki/ca_test/server/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!DH:!RC4:+HIGH:+MEDIUM:!eNULL;
ssl_prefer_server_ciphers on;
}[root@localhost vhost]# cat 1.com.conf
server
{
listen 443 ssl ;
server_name www.123.com;
index index.html;
root /data/wwwroot/1.com;
ssl on;
ssl_certificate /etc/pki/ca_test/server/server.crt;
ssl_certificate_key /etc/pki/ca_test/server/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!DH:!RC4:+HIGH:+MEDIUM:!eNULL;
ssl_prefer_server_ciphers on;
}
配置hosts
访问网页提示风险
来源:oschina
链接:https://my.oschina.net/u/3866192/blog/3173941