RHEL9 nginxの設定ファイルのSSL証明書(HTTPS)設定方法
環境
nginx 1.20
Red Hat Enterprise Linux release 9.2 (Plow)
操作方法
1.OpenSSLを利用して秘密鍵、CSR、CRTを作成します。
$ sudo mkdir /etc/nginx/ssl
$ sudo openssl genrsa -out /etc/nginx/ssl/server.key 2048
$ sudo openssl req -new -key /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.csr
$ sudo openssl x509 -days 3650 -req -signkey /etc/nginx/ssl/server.key -in /etc/nginx/ssl/server.csr -out /etc/nginx/ssl/server.crt
$ sudo mkdir /etc/nginx/ssl
$ sudo openssl genrsa -out /etc/nginx/ssl/server.key 2048
$ sudo openssl req -new -key /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.csr
$ sudo openssl x509 -days 3650 -req -signkey /etc/nginx/ssl/server.key -in /etc/nginx/ssl/server.csr -out /etc/nginx/ssl/server.crt
$ sudo mkdir /etc/nginx/ssl $ sudo openssl genrsa -out /etc/nginx/ssl/server.key 2048 $ sudo openssl req -new -key /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.csr $ sudo openssl x509 -days 3650 -req -signkey /etc/nginx/ssl/server.key -in /etc/nginx/ssl/server.csr -out /etc/nginx/ssl/server.crt
2.ファイル作成確認
$ ls /etc/nginx/ssl/
3.nginxの設定方法
server{
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
}
server{
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
}
server{
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
}
4.nginxを再起動します
$ sudo systemctl restart nginx