How to install nginx on RHEL 8 / CentOS 8 server

The aim of this article is to get you started with basic Nginx web-server installation using the dnf install nginx command and configuration on RHEL 8 / CentOS 8. Nginx web server is an Apache alternative with a capability to be also used as reverse proxy, load balancer, mail proxy and HTTP cache.

In this tutorial you will learn:

  • How to install Nginx on RHEL 8 / CentOS 8.
  • How to start Nginx.
  • How to enable Nginx to start after reboot.
  • How to open HTTP and HTTPS ports.
  • How to run Nginx encrypted with HTTPS.
  • How to create self-signed SSL certificate for Nginx.

Nginx web-server on RHEL 8 Linux server.

Nginx web-server on RHEL 8 Linux server.

Software Requirements and Conventions Used

Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System RHEL 8 / CentOS 8
Software nginx version: nginx/1.14.0 or higher
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

How to install nginx on RHEL 8 server step by step instructions



  1. Install package nginx using the dnf command.
    # dnf install nginx
    
  2. Start the Nginx service:
    # systemctl start nginx
    

    To ensure that Nginx starts after the reboot enable systemd service the nginx:

    # systemctl enable nginx
    Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
    
  3. Open HTTP firewall port 80:
    # firewall-cmd --zone=public --permanent --add-service=http
    # firewall-cmd --reload
    
  4. Access the Nginx welcome page. All should now be ready to access Nginx from a remote host. Open browser and navigate to http://YOURHOSTNAME URL.
  5. Perform a further configuration of your host by editing the /etc/nginx/nginx.conf configuration file and server block:
        server {
            listen       80 default_server;
            listen       [::]:80 default_server;
            server_name  _;
            root         /usr/share/nginx/html;
    
            # Load configuration files for the default server block.
            include /etc/nginx/default.d/*.conf;
    
            location / {
            }
    
            error_page 404 /404.html;
                location = /40x.html {
            }
    
            error_page 500 502 503 504 /50x.html;
                location = /50x.html {
            }
        }
    

    The default Welcome to nginx web page location path is /usr/share/nginx/html.

Enable HTTPS SSL support on Nginx and RHEL 8



  1. Edit the /etc/nginx/nginx.conf configuration file and uncomment the entire settings for the TLS enabled server block:
        server {
            listen       443 ssl http2 default_server;
            listen       [::]:443 ssl http2 default_server;
            server_name  _;
            root         /usr/share/nginx/html;
    
            ssl_certificate "/etc/pki/nginx/server.crt";
            ssl_certificate_key "/etc/pki/nginx/private/server.key";
            ssl_session_cache shared:SSL:1m;
            ssl_session_timeout  10m;
            ssl_ciphers PROFILE=SYSTEM;
            ssl_prefer_server_ciphers on;
    
            # Load configuration files for the default server block.
            include /etc/nginx/default.d/*.conf;
    
            location / {
            }
    
            error_page 404 /404.html;
                location = /40x.html {
            }
    
            error_page 500 502 503 504 /50x.html;
                location = /50x.html {
            }
        }
    
  2. Create a directory to hold the SSL certifcate and the private key for the Nginx server:
    # mkdir -p /etc/pki/nginx/private/ 
    

    Generate a self-signed certificate and private key or upload the existing one to the /etc/pki/nginx/server.crt and /etc/pki/nginx/private/server.key locations. The only required field when creating the self-signed certificate is Common Name (eg, your name or your server's hostname):

    # openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt
    
  3. Open HTTPS port 443 on the firewalld firewall daemon:
    # firewall-cmd --zone=public --permanent --add-service=https
    # firewall-cmd --reload
    
  4. Reload the Nginx configuration:
    # systemctl reload nginx
    
  5. Access the Nginx welcome page. All should now be ready to access Nginx from a remote host. Open the browser and navigate to https://YOURHOSTNAME URL.