第一步:申请SSL证书
(以免费的IP SSL证书为例)
https://www.bilibili.com/read/cv15050461
参考如上文章进行获取
遇到的问题:
1、conf文件里找不到location和server
解决:在/etc/nginx/sites-available/default
加入如下代码:
location /.well-known/pki-validation {
alias html/;
}
2、怎么创建带点的文件夹 mkdir就行
3、重启nginx语句 nginx -s reload
–配置文件路径:/etc/nginx
–日志文件路径:/var/log/nginx
–html目录:/usr/share/nginx/html
4、https的默认端口创建
在配置文件加入下面一段
server {
listen 443 ssl http2;
server_name xxxxxxx;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
ssl_certificate /etc/nginx/ssl/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/private.key;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/ssl/certificate.crt;
resolver 1.1.1.1 1.0.0.1 119.29.29.29 valid=300s;
resolver_timeout 30s;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers on;
}
第二步:写flask代码
from flask import Flask, jsonify, request
from flask_sslify import SSLify
app = Flask(__name__)
sslify = SSLify(app)
context = ("certificate.crt","private.key")
@app.route('/hello', methods=["GET"])
def hello():
return "hello world"
@app.route('/test/first/post', methods=["POST"])
def first_post():
my_json = request.get_json()
print(my_json)
get_name = my_json.get("name")
get_age = my_json.get("age")
get_age += 10
return jsonify(namee=get_name, agee=get_age)
if __name__ == '__main__':
app.run(debug=True, port=5000, host='0.0.0.0',ssl_context=context)