https证书配置 (nginx 、apache)

申请证书

网址:https://freessl.cn/

  1. 填写域名点击创建
  2. 按照生成的解析信息,去域名解析平台做解析
  3. 保存到KeyManager (pc应用程序,需要下载,会有提示下载)
  4. 在KeyManager导出域名证书文件,可以导出Nginx、Apache等各种类型的,按需导出。

Nginx环境配置

nginx安装目录如下
在这里插入图片描述

1.创建目录ssl 存放证书文件
在这里插入图片描述
2.配置文件,指向证书文件位置

# http 重定向到 https
server {
	listen       80;
	server_name songin.zhdingli.com www.zhdingli.com;
    if ($scheme != "https") {
            return 301 https://$host$request_uri;
    }
}

# HTTPS 服务
server {
    listen       443 ssl;

	#https安全证书配置
	ssl on;
    ssl_certificate      /etc/nginx/ssl/songin.zhdingli.com/cert.pem;
    ssl_certificate_key  /etc/nginx/ssl/songin.zhdingli.com/cert.key;
	
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
	
	#域名
    server_name  songin.zhdingli.com;
	
	#访问日志
	access_log /etc/nginx/logs/songin.zhdingli.com-ssl_access.log;
	error_log /etc/nginx/logs/songin.zhdingli.com-ssl_error.log warn;
	
	root /home/www/songin.zhdingli.com;
	
    location / {
        #root   html;
        index  index.html index.htm;
    }
	
	#error_page  404              /404.html;
	# redirect server error pages to the static page /50x.html
	error_page   500 502 503 504  /50x.html;
	location = /50x.html {
		root   html;
	}
	
	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
	#
	#location ~ \.php$ {
	#    proxy_pass   http://127.0.0.1;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	#    root           html;
	#    fastcgi_pass   127.0.0.1:9000;
	#    fastcgi_index  index.php;
	#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
	#    include        fastcgi_params;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#    deny  all;
	#}

}

3.保存配置后,重启nginx

/etc/nginx/sbin/nginx -s reload
已标记关键词 清除标记
相关推荐
©️2020 CSDN 皮肤主题: 书香水墨 设计师:CSDN官方博客 返回首页