Skip to content

How to config nginx to support SSL/TLS on CentOS


1. Install openssl package

yum install openssl openssl-devel

2. Compile with ssl module

./configure –with-http_ssl_module

3. modify nginx config file

(1) Obtain a certificate issued by a trusted authority.


private.key      Private Key
certificate.crt  Website Certificate
ca_bundle.crt    Issuing Authority Certificate

Store them in the /usr/local/nginx/conf directory.

(2) Modify /usr/local/nginx/conf/nginx.conf and add the following content

server {
        listen       443 ssl;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/certificate.crt;
        ssl_certificate_key /usr/local/nginx/conf/private.key;

Appendix: Self-signed Certificate Method for Servers

  1. Create a server private key. The command will ask you to enter a password.
  2. Create a certificate signing request (CSR).
  3. When loading the Nginx with SSL support and using the above private key, remove the required password.
cd /usr/local/nginx/conf
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl rsa -in server.key -out server_nopwd.key
openssl x509 -req -days 365 -in server.csr -signkey server_nopwd.key -out server.crt
Leave a message

  • Welcome to visit the knowledge base of SRE and DevOps!
  • License under CC BY-NC 4.0
  • Made with Material for MkDocs and improve writing by generative AI tools
  • Copyright issue feedback, replace # with @