一、下载安装证书文件
证书文件: 如果用的是阿里云的机器,那么证书文件需要自己去申请下载.
进入nginx的配置完整目录: cd /usr/local/nginx/conf/
创建目录: mkdir cert
把证书文件放入cert目录中
二、进行虚拟主机的配置(/usr/local/nginx/conf/vhost/ **.conf)
【参考】https://blog.csdn.net/smartdt/article/details/80027579 nginx配置https详解
【参考】https://www.jianshu.com/p/b3d8b4145e8c nginx配置https后,网站出现无法访问的情况解决
server
{
listen 443 ssl;
server_name test.cn; #这是绑定的域名
index index.html index.htm index.php;
root /data/seo; #项目的路径
ssl_certificate cert/2721426__007dir.cn.pem; #将domain name.pem替换成您证书的文件名。
ssl_certificate_key cert/2721426__007dir.cn.key; #将domain name.key替换成您证书的密钥文件名。
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ~ .*.php($|/) {
root /data/seo;
fastcgi_param SCRIPT_FILENAME /data/seo$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi.conf; # 根据/usr/local/nginx/conf 下的文件,根据本地情况配置.
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
}
location / {
if (!-e $request_filename) {
rewrite (.*) /index.php;
}
}
location ~ /\.ht {
deny all;
}
access_log /data/logs/web/test1.007dir.cn.access.log;
error_log /data/logs/web/test1.007dir.cn.error.log;
}
server {
listen 80;
server_name test.cn;
rewrite ^(.*)$ https://$host$1 permanent;
}