Tag Archives: Automated operation and maintenance and batch processing

Implementation of HTTPS file server based on nginx in win2012

Nginx and openssl: http://nginx.org/en/download.html

http://slproweb.com/products/Win32OpenSSL.html
Environment variable:
c:\ openssl-win64 \bin
th variable add %OPENSSL_HOME%

openssl genrsa -des3 -out xxx.key 1024
openssl req -new -key xxx.key -out xxx.csr
cp xxx.key xxx.key.org
openssl rsa -in xxx.key.org -out xxx.key
openssl x509 -req -days 365 -in xxx.csr -signkey xxx.key -out xxx.crt

Start nginx after modifying nginx.conf

server {
        listen       443 ssl;
        server_name  localhost;
		ssl_certificate      C://nginx-1.18.0//ssl//xxx.crt;
	    ssl_certificate_key  C://nginx-1.18.0//ssl//xxx.key;
        
		#charset koi8-r;

        #access_log  logs/host.access.log  main;

	    ssl_session_cache    shared:SSL:1m;
	    ssl_session_timeout  5m;
	
	    ssl_ciphers  HIGH:!aNULL:!MD5;
	    ssl_prefer_server_ciphers  on;

     location /update {
	        alias C:/hy-8000;
			allow all;
			autoindex on;

	        proxy_set_header   X-Real-IP            $remote_addr;
	        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
	        proxy_set_header   Host                   $http_host;
	        proxy_set_header   X-NginX-Proxy    true;
	        proxy_set_header   Connection "";
	        proxy_http_version 1.1;
     }