nginx本地配置https

WIN10环境Nginx配置本地项目HTTPS

安装chocolatey

1. 管理员身份打开cmd

2. 在cmd窗口运行以下命令

   @"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin" 

3. 验证是否安装成功(显示版本号则成功)

    choco 
   

安装mkcert

1. 使用chocolatey安装

choco install mkcert

2. 添加环境变量

   我的电脑->属性->高级系统设置->环境变量->系统变量->Path->新建->输入mkcert地址(mkcert.exe所在地址。具体看安装目录。)

   C:\ProgramData\chocolatey\lib\mkcert\tools
   

3. 验证是否安装完成

    mkcert
   

4. 使用mkcert安装本地系统信任

   mkcert -install
   

5. 使用mkcert创建证书

   mkcert local.tp5.com(证书名称)
   

Nginx 配置（443端口及指定证书路径）

编辑nginx.conf

如果使用了nignx.conf 使用了include /etc/nginx/conf.d/*.conf; 则去修改相应的xxx.conf配置文件

server{
    listen 80; #监听80端口
    listen [::]:80;

    server_name  local.tp5.com; #域名

    root /www/tp5/public; #网站跟目录
    index index.html index.php index.htm;

    # return 301 https://$host/shengji.html;
    return 301 https://$host$request_uri; #强制跳转到https

    
    location /reader {
        if ($http_user_agent ~* "Baiduspider|360Spider|bingbot|Googlebot|Sogou web spider") {
            return 301 https://$host;
        }
    }
    #php设置
    location ~ \.php$ {
        set $script $uri;
        set $path_info "";
        if ($uri ~ "^(.+\.php)(/.+)") {
            set $script $1;
            set $path_info $2;
        }
        fastcgi_pass php73:9000;
        fastcgi_buffer_size 512k;
        fastcgi_buffers 6 512k;
        fastcgi_busy_buffers_size 512k;
        fastcgi_temp_file_write_size 512k;
        fastcgi_index index.php?IF_REWRITE=1;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $script;
        fastcgi_read_timeout 10000;
        include fastcgi_params;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
        expires      30d;
    }

    location ~ .*\.(js|css|txt)?$ {
        expires      12h;
    }

    location ~ /\. {
        deny all;
    }
}

server{
    listen 443 ssl;
    listen [::]:443;
    server_name  local.tp5.com;

    root /www/tp5/public;
    index index.html index.php index.htm;

    #return 301 https://$host/shengji.html;
    #return 301 https://$host$request_uri;
    ssl on;
    ssl_certificate /etc/nginx/conf.d/cert/local.tp5.com.pem;  #letsencrypt证书路径，
    ssl_certificate_key /etc/nginx/conf.d/cert/local.tp5.com-key.pem; #letsencrypt秘钥路径，
    

    location ~ \.php$ {
        set $script $uri;
        set $path_info "";
        if ($uri ~ "^(.+\.php)(/.+)") {
            set $script $1;
            set $path_info $2;
        }
        fastcgi_pass php73:9000;
        fastcgi_buffer_size 512k;
        fastcgi_buffers 6 512k;
        fastcgi_busy_buffers_size 512k;
        fastcgi_temp_file_write_size 512k;
        fastcgi_index index.php?IF_REWRITE=1;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $script;
        fastcgi_read_timeout 10000;
        include fastcgi_params;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
        expires      30d;
    }

    location ~ .*\.(js|css|txt)?$ {
        expires      12h;
    }

    location ~ /\. {
        deny all;
    }

    
}