{"id":144,"date":"2015-05-01T23:52:49","date_gmt":"2015-05-01T15:52:49","guid":{"rendered":"http:\/\/www.lixiaodong.com\/?p=144"},"modified":"2015-05-01T23:52:49","modified_gmt":"2015-05-01T15:52:49","slug":"nginx%e4%bd%bf%e7%94%a8https%e8%87%aa%e7%ad%be%e5%90%8d%e8%af%81%e4%b9%a6","status":"publish","type":"post","link":"https:\/\/www.lixiaodong.com\/?p=144","title":{"rendered":"nginx\u4f7f\u7528https\u81ea\u7b7e\u540d\u8bc1\u4e66"},"content":{"rendered":"<p>1\u3001\u5236\u4f5cCA\u8bc1\u4e66\uff1a<br \/>\nca.key CA\u79c1\u94a5\uff1a<br \/>\nopenssl genrsa -des3 -out ca.key 2048<br \/>\n\u5236\u4f5c\u89e3\u5bc6\u540e\u7684CA\u79c1\u94a5\uff08\u4e00\u822c\u65e0\u6b64\u5fc5\u8981\uff09\uff1a<br \/>\nopenssl rsa -in ca.key -out ca_decrypted.key<br \/>\nca.crt CA\u6839\u8bc1\u4e66\uff08\u516c\u94a5\uff09\uff1a<br \/>\nopenssl req -new -x509 -days 7305 -key ca.key -out ca.crt<\/p>\n<p>2\u3001\u5236\u4f5c\u751f\u6210\u7f51\u7ad9\u7684\u8bc1\u4e66\u5e76\u7528CA\u7b7e\u540d\u8ba4\u8bc1<br \/>\n\u5728\u8fd9\u91cc\uff0c\u5047\u8bbe\u7f51\u7ad9\u57df\u540d\u4e3ahttps.abc.com<br \/>\n\u751f\u6210https.abc.com\u8bc1\u4e66\u79c1\u94a5\uff1a<br \/>\nopenssl genrsa -des3 -out https.abc.com.pem 1024<br \/>\n\u5236\u4f5c\u89e3\u5bc6\u540e\u7684https.abc.com\u8bc1\u4e66\u79c1\u94a5\uff1a<br \/>\nopenssl rsa -in https.abc.com.pem -out https.abc.com.key<br \/>\n\u751f\u6210\u7b7e\u540d\u8bf7\u6c42\uff1a<br \/>\nopenssl req -new -key https.abc.com.pem -out https.abc.com.csr<br \/>\n\u5728common name\u4e2d\u586b\u5165\u7f51\u7ad9\u57df\u540d\uff0c\u5982https.abc.com\u5373\u53ef\u751f\u6210\u6539\u7ad9\u70b9\u7684\u8bc1\u4e66<\/p>\n<p>3.\u7528CA\u8fdb\u884c\u7b7e\u540d\uff1a<br \/>\n\u5148\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4<br \/>\n$ mkdir -p .\/demoCA\/newcerts<br \/>\n$ cd demoCA<br \/>\n$ echo &#8220;01&#8221; > serial<br \/>\n$ touch index.txt (create an empty index.txt file)<br \/>\n$ cd ..  (so we are back in our temporary directory)<\/p>\n<p>openssl ca -policy policy_anything -days 1460 -cert ca.crt -keyfile ca.key -in https.abc.com.csr -out https.abc.com.crt<\/p>\n<p>4. \u914d\u7f6enginx<br \/>\n\u914d\u7f6e\u6587\u4ef6\u4e2d\u65b0\u5efa\u4e00\u4e2aserver,\u5e76\u52a0\u5165<\/p>\n<p>listen 443;<br \/>\nserver_name https.abc.com;<br \/>\nssl on;<br \/>\nssl_certificate \/path\/to\/https.abc.com.crt;<br \/>\nssl_certificate_key \/path\/to\/https.abc.com.key;<\/p>\n<p>\u4ee5\u4e0a2\u4e2a\u6587\u4ef6\u8def\u5f84\u6839\u636e\u5b9e\u9645\u60c5\u51b5\u914d\u7f6e\u3002\u5176\u4ed6\u914d\u7f6e\u548chttp server\u76f8\u540c\u3002 <\/p>\n<p>5. \u91cd\u542fnginx<\/p>\n","protected":false},"excerpt":{"rendered":"<p>1\u3001\u5236\u4f5cCA\u8bc1\u4e66\uff1a ca.key CA\u79c1\u94a5\uff1a openssl genrsa -d &hellip; <a href=\"https:\/\/www.lixiaodong.com\/?p=144\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-144","post","type-post","status-publish","format-standard","hentry","category-5"],"_links":{"self":[{"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/posts\/144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=144"}],"version-history":[{"count":1,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/posts\/144\/revisions"}],"predecessor-version":[{"id":145,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=\/wp\/v2\/posts\/144\/revisions\/145"}],"wp:attachment":[{"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lixiaodong.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}