server {
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;
#pem证书是通过lets encrypt的certbot工具生成而来
ssl_certificate /etc/letsencrypt/live/your.domain.com/fullchain.pem; #证书(fullchain.pem就相当于cert.pem+chain.pem)
ssl_certificate_key /etc/letsencrypt/live/your.domain.com/privkey.pem; #证书密钥
// ... 把你80端口server下的配置复制过来张贴在下边 ...
}
如果网页上存在有没走Https的链接,就不能全绿。