一、申请证书和下载证书(阿里云申请)
二、在nginx服务器上配置ssl证书
1.检查服务器是否安装openssl
2.在nginx conf 文件夹创建 cret 文件,放置证书
[root@web conf]# mkdir cert
3.在需要的域名vhost主机下面配置ssl
[root@web vhost]# vi 80.conf
1 server { 2 listen 80; 3 server_name app.test.com; 4 5 location / { 6 root $root_path; 7 index index.html index.htm index.php; 8 if (!-e $request_filename) { 9 # rewrite ^(.*)$ /index.php?s=/$1 last; 10 rewrite ^/index.php(.*)$ /index.php?s=$1 last; 11 rewrite ^(.*)$ /index.php?s=$1 last; 12 13 } 14 } 15 error_page 500 502 503 504 /50x.html; 16 location = /50x.html { 17 root $root_path; 18 } 19 20 location ~ .php$ { 21 root $root_path; 22 #fastcgi_pass 127.0.0.1:9000; 23 fastcgi_pass unix:/tmp/php-cgi.sock; 24 fastcgi_index index.php; 25 include fastcgi.conf; 26 } 27 } 28 server { 29 listen 443; 30 server_name app.test.com; 31 ssl on; 32 ssl_certificate /usr/local/nginx/conf/cert/21485836dsfdsf0846.pem; 33 ssl_certificate_key /usr/local/nginx/conf/cert/214sdfdfds0846.key; 34 ssl_session_timeout 5m; 35 sl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; 36 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 37 ssl_prefer_server_ciphers on; 38 location / { 39 root $root_path; 40 index index.html index.htm index.php; 41 if (!-e $request_filename) { 42 # rewrite ^(.*)$ /index.php?s=/$1 last; 43 rewrite ^/index.php(.*)$ /index.php?s=$1 last; 44 rewrite ^(.*)$ /index.php?s=$1 last; 45 46 } 47 } 48 error_page 500 502 503 504 /50x.html; 49 location = /50x.html { 50 root $root_path; 51 } 52 53 location ~ .php$ { 54 root $root_path; 55 #fastcgi_pass 127.0.0.1:9000; 56 fastcgi_pass unix:/tmp/php-cgi.sock; 57 fastcgi_index index.php; 58 include fastcgi.conf; 59 } 60 61 }
4.检查nginx 配置文件
5.重启nginx
nginx -s reload
三、效果
