ローカルサーバー

192.168.1.100    server.local

# firewall-cmd --permanent --add-service=ssh
success
# firewall-cmd --reload
success

$ mkdir -p .ssh
$ chmod 700 .ssh
$ mv id_rsa.pub .ssh/authorized_keys
$ chmod 600 .ssh/authorized_keys

$ sudo nano /etc/ssh/sshd_config

#PermitRootLogin prohibit-password
PermitRootLogin no          # 許可しない
#PasswordAuthentication yes
PasswordAuthentication no    # パスワード認証しない

$ reboot

# dnf config-manager --set-enabled crb
# dnf install epel-release

# dnf install https://rpms.remirepo.net/enterprise/remi-release-9.rpm

# yum repolist

# nano /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx
repobaseurl=https://nginx.org/packages/mainline/centos/8/$basearch/
gpgcheck=0
enabled=0

# dnf -y install nginx
# mkdir -p /usr/share/nginx
# chown nginx:nginx /usr/share/nginx

# firewall-cmd --permanent --add-service=http
success
# firewall-cmd --reload
success

# firewall-cmd --permanent --add-service=https
success
# firewall-cmd --reload
success

# usermod -aG nginx rockylinux # ユーザー名「rockylinux」は適宜変更
# chown -R nginx:nginx /usr/share/nginx
# chmod -R 775 /usr/share/nginx

# nano /etc/nginx/conf.d/default.conf

server {
  listen 80;
  server_name server.local;
  root /usr/share/nginx/html;
  index index.html;
 
  charset utf-8;
}

# Settings for a TLS enabled server. 
server {
  listen 443 ssl http2;
  server_name server.local;
  root /usr/share/nginx/html;
  index index.html;

  charset utf-8;
  # SSL設定
  ssl_certificate "/etc/pki/tls/certs/server.crt";
  ssl_certificate_key "/etc/pki/tls/private/server.key";

  location / {
  }

  error_page 404 /404.html;
    location = /40x.html {
  }

  error_page 500 502 503 504 /50x.html;
    location = /50x.html {
  }
}

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

# systemctl start nginx
# systemctl enable nginx

$ sudo cp $HOME/server.crt /usr/share/pki/ca-trust-source/anchors
$ sudo update-ca-trust extract