end0tknr's kipple - 新web写経開発

http://d.hatena.ne.jp/end0tknr/ から移転します

https(ssl) for nginx の configure & makeには、opensslのsrcも必要

configure ; make ; make install

$ su -
# cd /usr/local/src
# wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz
# tar -zxvf openssl-1.0.2d.tar.gz
$ cd /home/endo/tmp
$ wget http://nginx.org/download/nginx-1.9.3.tar.gz
$ tar -xzvf nginx-1.9.3.tar.gz
$ cd nginx-1.9.3
$ ./configure --prefix=/home/endo/local/nginx19 \
              --with-http_ssl_module \
              --with-openssl=/usr/local/src/openssl-1.0.2d
$ make
$ make install

nginxの設定

$ vi /home/endo/local/nginx19/conf/nginx_ssl.conf
worker_processes  1;

error_log  /dev/stdout;

events {
    worker_connections  1024;
}

http {
    access_log /dev/stdout;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   /home/endo/local/nginx19/html;
            index  index.html;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen       443 ssl;
        server_name  localhost;

        ssl_certificate      /home/endo/local/sslproxy/server.crt;
        ssl_certificate_key  /home/endo/local/sslproxy/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            root   /home/endo/local/nginx19/html;
            index  index.html;
        }
    }
}

nginxの起動

$ su -
# /home/endo/local/nginx19/sbin/nginx \
   -c /home/endo/local/nginx19/conf/nginx_ssl.conf