在阿里云申请一个免费的证书:
如果此域名为当前阿里账号的域名,上面DNS之下的复选框可以选中,申请后十几分钟就成功了。
成功后便可下载证书,将证书复制到域名所在机器,如:/opt/https下
Nginx增加配置:
upstream miniprogram_server{
server 127.0.0.1:8080 weight=1 max_fails=0;
}
server {
ssl on;
root html;
ssl_certificate /opt/https/214245796270009.pem;
ssl_certificate_key /opt/https/214245796270009.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /miniprogram{
root html;
index index.html index.htm;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://miniprogram_server/miniprogram;
}
}
配置完后就可以使用https访问了。
注:nginx启动时可能失败,因为vmware可能占用了443端口,将其杀掉即可。
报错:
[emerg] 18244#13980: bind() to 0.0.0.0:443 failed (10013: An attempt was made to access a socket in a way forbidden by its access permissions)
查看端口占用:
输入命令:netstat -aon|findstr "443"
可以看到是pid为4152的进程占用了443端口,也可以直接从资源管理器中查看:
可以看到是vmware占用了443,干掉此进程即可。