搞了一晚上,终于搞得了,记录一下
重点,一定要关防火墙,控制面板关了还不行,用命令关
centos8为例
开放443端口
firewall-cmd --zone=public --add-port=443/tcp --permanent
重新加载
firewall-cmd --reload
查开开放的防火墙
firewall-cmd --zone=public --list-ports
然后要把ssl证书下载下来,保存到服务器上,主要为crt和key
参考
server {
listen 443 ssl;
server_tokens off;
keepalive_timeout 5;
root /usr/local/lighthouse/softwares/wordpress; #填写您的网站根目录,例如:/usr/local/lighthouse/softwares/wordpress
index index.php index.html;
access_log logs/wordpress.log;
error_log logs/wordpress.error.log;
server_name cloud.tencent.com; #填写您的证书绑定的域名,例如:www.cloud.tencent.com
ssl_certificate cloud.tencent.com_bundle.crt; #填写您的证书文件名称,例如:cloud.tencent.com_bundle.crt
ssl_certificate_key cloud.tencent.com.key; #填写您的私钥文件名称,例如:cloud.tencent.com.key
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 可参考此 SSL 协议进行配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #可按照此加密套件配置,写法遵循 openssl 标准
ssl_prefer_server_ciphers on;
}