1、修改nginx的配置文件nginx.conf
A、http的80服务代码块
server { |
B、https的443服务代码块
server { listen 443 default_server; ssl on; server_name www.caii.com; ssl_certificate /usr/local/nginx/conf/ssl/server.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; |
2、说明SSL证书存放的路径为
/usr/local/nginx/conf/ssl/server.crt
/usr/local/nginx/conf/ssl/server.key