状況
- port 8080番に対して、行う想定
- SSL証明書はオレオレ
- httpでアクセスされたらhttpsにリダイレクト
- サブディレクトリ以下の挙動に関しては考慮しない
swich su
$ sudo su
#
nginx install
# yum install -y nginx
write nginx config
# vi /etc/nginx/conf.d/virtual.conf
/etc/nginx/conf.d/virtual.conf
server {
listen 80;
server_name hoge.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
server_name hoge.example.com;
location / {
proxy_pass http://127.0.0.1:8080/;
}
}
make ssl certificate files
# mkdir /etc/nginx/cert
# cd /etc/nginx/cert
# openssl genrsa 2048 > server.key # Enter連打
# openssl req -new -key server.key > server.csr
# openssl x509 -req -days 3650 -signkey server.key < server.csr > server.crt # -daysで証明書期限を指定
set launch nginx at boot
# chkconfig nginx on
start nginx
# service nginx start