主域名 zhmin9734.com
子域名 www.zhmin9734.com
子域名 men.zhmin9734.com
子域名 admin.zhmin9734.com
配置实现
zhmin9734.com --> https://www.zhmin9734.com/
www.zhmin9734.com --> https://www.zhmin9734.com/
http://www.zhmin9734.com --> https://www.zhmin9734.com/
men.zhmin9734.com --> http://men.zhmin9734.com/
admin.zhmin9734.com --> http://admin.zhmin9734.com/
安装ssl证书到nginx
在nginx的安装目录下,新建一个cert文件夹,将下载的证书文件和密钥文件放在cert里;
查看nginx安装的模块(/usr/sbin/nginx -V)是否有with-http_ssl_module,没有就装
打开nginx.conf,在http里新增一个server
server { listen 443 ssl; #SSL协议访问端口号为443。此处如未添加ssl,可能会造成Nginx无法启动。 server_name www.zhmin9734.com; #这里是证书绑定的域名 root html; index index.html index.htm; ssl_certificate "/etc/nginx/cert/domain name.pem"; #证书文件存放的路径 ssl_certificate_key "/etc/nginx/cert/domain name.key"; #密钥文件存放的路径 ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。 ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; }}
配置多个子域名访问不同的项目(直接贴代码)
部署接口的话可以在证书绑定的那个域名下的server里新增location
server { listen 80 default_server; server_name www.zhmin9734.com; rewrite ^(.*)$ https://$host$1 permanent; #重定向到https root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; error_page 404 403 /40x.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { }}server { listen 80; server_name men.zhmin9734.com; root /usr/share/nginx/mengen; include /etc/nginx/default.d/*.conf; error_page 404 403 /40x.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { }}server { listen 80; server_name admin.zhmin9734.com; root /usr/share/nginx/admin; include /etc/nginx/default.d/*.conf; error_page 404 403 /40x.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { }}
重启nginx服务