CentOS7 configuring Nginx support HTTPS access

 

1. install git and BC
[HTML] derived view plain copy in the CODE view of the code to my snippet
yum -y install git bc

 

2. install Nginx
(1) preparation:
[HTML] derived view plain copy in the CODE view of the code to my snippet
yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel
(2) download:
[HTML] derived view plain copy in the CODE view of the code to my snippet
(3) extract:
[HTML] derived view plain copy in the CODE view of the code to my snippet
(4) compile and install:
[HTML] derived view plain copy in the CODE view of the code to my snippet
cd nginx-1.11.6
./configure –with-ipv6 –with-http_ssl_module
make
make install

 

3. request a SSL certificate
(1) download the Let’s Encrypt
[HTML] derived view plain copy in the CODE view of the code to my snippet
(2) the running Let’s Encrypt
[HTML] derived view plain copy in the CODE view of the code to my snippet
cd certbot
./letsencrypt-auto
Makefile:
[HTML] derived view plain copy in the CODE view of the code to my snippet
CERT.PEM: domain name certificates
Chain.pem:The Let’s Encrypt a certificate
Fullchain.PEM: combination of both above
Privkey.PEM: certificate key

 

4. configure Nginx
(1) modify the nginx.conf file
[HTML] derived view plain copy in the CODE view of the code to my snippet
nano /usr/local/nginx/conf/nginx.conf
(2) add:
[HTML] derived view plain copy in the CODE view of the code to my snippet
Ssl_certificate/etc/letsencrypt/live/domain name/fullchain.PEM;
Ssl_certificate_key/etc/letsencrypt/live/domain name/privkey.PEM;
(3) modifications:
[HTML] derived view plain copy in the CODE view of the code to my snippet
Server_name domain name;

 

5. automatic renewal certificates
Creating a scheduled task execution letsencrypt path/letsencrypt-auto renew
For example:
[HTML] derived view plain copy in the CODE view of the code to my snippet
crontab -e
Added line
30 * 2 * 1 letsencrypt path/letsencrypt-auto renew