完成后,在web端进行访问测试:
这样phpMyAdmin部署完成。
接下来为phpMyAdmin提供https服务:
| [root@master ~]# cd /etc/pki/CA/ [root@master CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) [root@master CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3653 [root@master CA]# touch index.txt [root@master CA]# echo 01 > serial |
| [root@master ssl]# (umask 077;openssl genrsa -out nginx.key 2048) [root@master ssl]# openssl req -new -key nginx.key -out nginx.csr -days 3653 [root@master ssl]# openssl ca -in nginx.csr -out /etc/pki/CA/certs/nginx.crt -days 3653 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Nov 12 14:15:57 2018 GMT Not After : Nov 12 14:15:57 2028 GMT Subject: countryName = CN stateOrProvinceName = Hebei organizationName = james organizationalUnitName = james.edu commonName = www.james.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 5A:68:D6:47:29:DA:A5:29:98:09:0D:82:02:2D:B1:5D:61:8A:26:EC X509v3 Authority Key Identifier: keyid:32:B2:8D:AC:68:57:FC:BF:8B:F2:CA:68:8B:45:93:D4:7F:A2:25:F3 [root@master ssl]# scp /etc/pki/CA/certs/nginx.crt ./ [root@master ssl]# rm -f nginx.csr |
修改nginx配置文件:
| [root@master ssl]# vim /etc/nginx/nginx.conf |
检测无误后重启nginx服务:
| [root@master ssl]# nginx -t [root@master ssl]# nginx -s reload |
web端测试:
https服务实现。
