The aim of this article is to get you started with basic Nginx web-server installation using the dnf install nginx
command and configuration on RHEL 8 / CentOS 8. Nginx web server is an Apache alternative with a capability to be also used as reverse proxy, load balancer, mail proxy and HTTP cache.
In this tutorial you will learn:
- How to install Nginx on RHEL 8 / CentOS 8.
- How to start Nginx.
- How to enable Nginx to start after reboot.
- How to open HTTP and HTTPS ports.
- How to run Nginx encrypted with HTTPS.
- How to create self-signed SSL certificate for Nginx.
Software Requirements and Conventions Used
Category | Requirements, Conventions or Software Version Used |
---|---|
System | RHEL 8 / CentOS 8 |
Software | nginx version: nginx/1.14.0 or higher |
Other | Privileged access to your Linux system as root or via the sudo command. |
Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
How to install nginx on RHEL 8 server step by step instructions
- Install package
nginx
using thednf
command.# dnf install nginx
- Start the Nginx service:
# systemctl start nginx
To ensure that Nginx starts after the reboot enable systemd service the
nginx
:# systemctl enable nginx Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
- Open HTTP firewall port 80:
# firewall-cmd --zone=public --permanent --add-service=http # firewall-cmd --reload
- Access the Nginx welcome page. All should now be ready to access Nginx from a remote host. Open browser and navigate to
http://YOURHOSTNAME
URL. - Perform a further configuration of your host by editing the
/etc/nginx/nginx.conf
configuration file and server block:server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
The default Welcome to nginx web page location path is
/usr/share/nginx/html
.
Enable HTTPS SSL support on Nginx and RHEL 8
- Edit the
/etc/nginx/nginx.conf
configuration file and uncomment the entire settings for the TLS enabled server block:server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name _; root /usr/share/nginx/html; ssl_certificate "/etc/pki/nginx/server.crt"; ssl_certificate_key "/etc/pki/nginx/private/server.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
- Create a directory to hold the SSL certifcate and the private key for the Nginx server:
# mkdir -p /etc/pki/nginx/private/
Generate a self-signed certificate and private key or upload the existing one to the
/etc/pki/nginx/server.crt
and/etc/pki/nginx/private/server.key
locations. The only required field when creating the self-signed certificate isCommon Name (eg, your name or your server's hostname)
:# openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt
- Open HTTPS port 443 on the
firewalld
firewall daemon:# firewall-cmd --zone=public --permanent --add-service=https # firewall-cmd --reload
- Reload the Nginx configuration:
# systemctl reload nginx
- Access the Nginx welcome page. All should now be ready to access Nginx from a remote host. Open the browser and navigate to
https://YOURHOSTNAME
URL.