大佬教程收集整理的这篇文章主要介绍了Kibana配置nginx反代并本地ca加密nginx,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
rpm -ivh @R_404_5158@-1.16.0-1.el7.ngx.x86_64.rpm
htpasswd -c /etc/@R_404_5158@/ssl/htpasswd admin
New password:
Re-type new password:
Adding password for user admin
cat /etc/@R_404_5158@/conf.d/kibana.conf
server {
listen 80;
#server_name kibanaes.com;
server_name paidui-kibana.360sides.net;
access_log /home/appmanager/data/logs/@R_404_5158@/kibana_access.log json;
error_log /home/appmanager/data/logs/@R_404_5158@/kibana_error.log;
LOCATIOn / {
auth_basic "The Kibana Monitor Center";
auth_basic_user_file /etc/@R_404_5158@/ssl/htpasswd;
proxy_pass http://1.1.1.1:5601;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
@H_403_24@重启@R_404_5158@生效
@R_404_5158@ -s reload
@H_404_4@@H_404_4@
# 1.准备存放证书和秘钥的目录
mkdir /etc/@R_404_5158@/ssl
cd /etc/@R_404_5158@/ssl
# 2.使用openssl生成基于rsa数学算法长度为1024bit的秘钥,文件必须以key为结尾
[root@IntelID-Squid-N25 ssl]# openssl genrsa 1024 > /etc/@R_404_5158@/ssl/server.key
GeneraTing RSA private key,1024 bit long modulus
..............++++++
..........++++++
e is 65537 (0x10001)
# 3.使用秘钥文件生成证书申请
[root@IntelID-Squid-N25 ~]# openssl req -new -key /etc/@R_404_5158@/ssl/server.key > /etc/@R_404_5158@/ssl/server.csr
You are about to be asked to enter @R_811_4036@ion that will be incorporated
into your certificate request.
what you are about to enter is what is called a disTinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,If you enter '.',the field will be left blank.
-----
Country Name (2 letter codE) [XX]:CN
State or province Name (full Name) []:BJ
Locality Name (eg,city) [Default City]:BJ
Organization Name (eg,company) [Default Company Ltd]:dx
Organizational Unit Name (eg,section) []:paidui-kibana.360sides.net
Common Name (eg,your name or your server's hostName) []:paidui-kibana.360sides.net
Email Address []:18621048481@163.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A chALLENge password []:
An optional company name []:
# 4. 同意申请,生成证书
[root@IntelID-Squid-N25 ~]# openssl req -x509 -days 365 -key /etc/@R_404_5158@/ssl/server.key -in /etc/@R_404_5158@/ssl/server.csr > /etc/@R_404_5158@/ssl/server.crt
# -x509:证书的格式,固定的
# days:证书的有效期
# key:指定秘钥文件
# in:指定证书申请文件
[root@IntelID-Squid-N25 conf.d]# cat /etc/@R_404_5158@/conf.d/kibana.conf
server {
listen 80;
server_name xxxx.net;
return 301 https://xxxxxx$request_uri;
}
server {
listen 443 ssl;
ssl on;
ssl_certificate /etc/@R_404_5158@/ssl/server.crt;
ssl_certificate_key /etc/@R_404_5158@/ssl/server.key;
access_log /home/appmanager/data/logs/@R_404_5158@/kibana_access.log json;
error_log /home/appmanager/data/logs/@R_404_5158@/kibana_error.log;
LOCATIOn / {
auth_basic "The Kibana Monitor Center";
auth_basic_user_file /etc/@R_404_5158@/ssl/htpasswd;
proxy_pass http://1.1.1.1:5601;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
@R_404_5158@ -s reload
@H_404_4@@H_404_4@
以上是大佬教程为你收集整理的Kibana配置nginx反代并本地ca加密nginx全部内容,希望文章能够帮你解决Kibana配置nginx反代并本地ca加密nginx所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。