server {
listen 80;
server_name yuming;
# permanent是301永久重定向,redirect是302临时重定向
rewrite ^(.*) https://$server_name$request_uri permanent;
}
server {
listen 443;
server_name yuming;
ssl on;
# 证书位置
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
}
if ($scheme = http ) {return 301 https://$host$request_uri;}
多域名多证书配置
server {
listen 80;
server_name test1.xxx.cn;
return 301 https://test.xxx.cn$request_uri;
}
server {
listen 443 ssl;
server_name test1.xxx.cn;
ssl_certificate /usr/local/ssl/10149665_test1.xxx.cn.pem;
ssl_certificate_key /usr/local/ssl/10149665_test1.xxx.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ss