SSL数字证书生成方法
如何给在用的nginx添加新模块?

nginx启用spdy支持

妙音 posted @ 2014年11月13日 10:48 in nginx with tags spdy;ssl; , 1945 阅读

安装nginx

预编译时加入spdy模块,spdy强制使用ssl,需要同时编入ssl模块
./configure --with-http_ssl_module --with-http_spdy_module
 
make 编译之后输出下面信息,nginx默认安装到/usr/local/nginx目录
[wyq@localhost nginx-1.6.2]$ make
make -f objs/Makefile
make[1]: 进入目录“/home/wyq/nginx-1.6.2”
cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g  -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs \
....
make[1]: 离开目录“/home/wyq/nginx-1.6.2” make -f objs/Makefile manpage make[1]: 进入目录“/home/wyq/nginx-1.6.2” sed -e "s|%%PREFIX%%|/usr/local/nginx|" \ -e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \ -e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \ -e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \ < man/nginx.8 > objs/nginx.8 make[1]: 离开目录“/home/wyq/nginx-1.6.2”

make install 安装

准备数字证书

使用下面命令,生成自己的证书
openssl genrsa -des3 -out openssl.key 1024  
openssl req -new -x509 -key openssl.key -out openssl.crt -days 3650  
openssl rsa -in openssl.key -out openssl_nopass.key  
详细参考
http://yongqing.is-programmer.com/posts/68856.html
或者用我的证书,证书密码:word

添加配置

server{
    ...
    listen 443 ssl spdy;
    ssl_certificate /home/wyq/ssl/openssl.crt;
    ssl_certificate_key /home/wyq/ssl/openssl_nopass.key;
    ...
}

启动nginx

./sbin/nginx

查看spdy启动情况

使用chrome浏览器访问https://localhost,并打开 chrome://net-internals/#spdy 看到下面内容,表示spdy已经开启
Host Proxy ID Protocol Negotiated Active streams Unclaimed pushed Max Initiated Pushed Pushed and claimed Abandoned Received frames Secure Sent settings Received settings Send window Receive window Unacked received data Error
localhost:443 direct:// 65438 spdy/3.1 0 0 100 1 0 0 0 2 true true true 2147483647 10485760 612 0
 

登录 *


loading captcha image...
(输入验证码)
or Ctrl+Enter