点击ssl 证书
选中 中间那个
保存文件 xxx.pem 一个 为xxx.key
server
{
listen 80;
#listen [::]:80;
server_name xxx.net www.xxx.net;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/xxx.net;
include rewrite/none.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
include rewrite/maccms.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
if ($host != 'www.xxx.net') {
rewrite ^/(.*)$ https://www.xx.net/$1 permanent;
}
if ($http_x_forwarded_proto != "https")
{
rewrite ^/(.*)$ https://$host/$1 permanent;
}
location ~ /\.
{
deny all;
}
access_log off;
}
server{
listen 443;
server_name www.xx.net;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/xxx.net;
ssl on;
ssl_certificate /usr/local/nginx/cert/xxx.net.pem;
ssl_certificate_key /usr/local/nginx/cert/xxx.net.key;
include rewrite/maccms.conf;
include enable-php-pathinfo.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/xxx.log;
}