1、首先将https安全证书文件放到 /cert/新建相应网站文件夹下
2、进入配置目录 /etc/nginx/conf.d
3、新建一个网站的 .conf 文件进行配置
4、在该文件中写入以下代码
server { //这里是http域名重定向到https
listen 80;
server_name 你的网站域名;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name 你的网站域名;
root /data/webtask/public/;
ssl_certificate 你的https证书存放的路径;
ssl_certificate_key 你的https证书存放的路径;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
add_header Content-Security-Policy upgrade-insecure-requests;
location / {
index index.html index.php;
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
}
5、配置好文件后重启nginx服务器
nginx -s reload //修改配置后重新加载生效