参考 https://www.cnblogs.com/hnxxcxg/p/7610582.html
1、openssl 操作 -- 生成私钥
# 生成rsa私钥,des3算法,2048位强度,server.key是秘钥文件名,需要输入口令,123456即可
openssl genrsa -des3 -out server.key 1024
2、openssl 操作 -- 生成 csr
openssl req -new -key server.key -out server.csr
3、openssl 操作 -- 删除私钥中的密码
openssl rsa -in server.key -out server.key
4、openssl 操作 -- 生成自签名证书
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
5、nginx 配置
server {
listen 443 ssl;
server_name 192.168.147.130;
ssl_certificate /usr/local/nginx/cert/server.crt;
ssl_certificate_key /usr/local/nginx/cert/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
location /images/ {
root /home/resources/;
}
}