center 阿里云linux下nginx配置免费的ssl
场景描述:微信小程序请求的地址需要https的。
1. nginx 安装
http://www.cnblogs.com/taiyonghai/p/6728707.html
2. 在已经安装的nginx上,增加ssl模块
https://blog.csdn.net/cin_ie/article/details/72843277
3. 阿里云后台操作
- 域名控制台、点击需要需要申请的域名。
- 服务器安全策略打开443端口。
4. nginx 配置ssl
4.1 将申请过来的文件拷贝到config目录下
4.2 配置443端口以及域名
server {
# listen 80;
listen 443 ssl;
server_name wx.lingximind.com;
ssl_certificate 1765558_wx.lingximind.com.pem;
ssl_certificate_key 1765558_wx.lingximind.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_connect_timeout 240;
proxy_send_timeout 240;
proxy_read_timeout 240;
client_max_body_size 1000m;
}
}
4.3 输入http直接跳转到https
server {
listen 80;
server_name wx.lingximind.com;
return 301 https://$server_name$request_uri;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# proxy_pass http://localhost:8080;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# }
}