准备资料:
-
域名一个: www.baidu.cn (自己申请的域名);
-
名称对应的ssl证书文件: 1_www.baidu.cn_bundle.crt 、2_www.baidu.cn.key
-
nginx服务器一个;
server {
listen 80;
server_name www.baidu.cn;
#charset koi8-r;
access_log /var/log/nginx/git.access.log main;
#请求http强制跳转到https去
rewrite ^(.*) https://$host$1 permanent;
}
#https地址,记得开启服务器的443端口,否则访问不了https地址
server {
listen 443 ssl;
server_name www.baidu.cn;
# 证书存放路径
ssl_certificate /etc/nginx/ssl/1_zhwlt.cn_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/2_zhwlt.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
# 根目录
location / {
root /var/www/html/;
index index.html index.htm test.html;
}
}