官方文档
http://nginx.org/en/docs/http/configuring_https_servers.html
官方的最简单的https配置:
server { listen 443 ssl; server_name www.example.com; ssl_certificate www.example.com.chained.crt; ssl_certificate_key www.example.com.key; }
php的常规的http配置:
server { listen 80; server_name www.51godream.com; access_log /data/wwwlogs/www.51godream.com_nginx.log combined; index index.html index.htm index.php; root /data/wwwroot/www.51godream.com; include /usr/local/nginx/conf/rewrite/wordpress.conf; #error_page 404 /404.html; #error_page 502 /502.html; location ~ [^/].php(/|$) { #fastcgi_pass remote_php_ip:9000; fastcgi_pass unix:/dev/shm/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; } location ~ .*.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { expires 30d; access_log off; } location ~ .*.(js|css)?$ { expires 7d; access_log off; } location ~ /.ht { deny all; } }
php的https配置(http转发到https):
server { listen 443 ssl; server_name www.51godream.com; ssl_certificate 1_www.51godream.com_bundle.crt; ssl_certificate_key 2_www.51godream.com.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; access_log /data/wwwlogs/www.51godream.com_nginx.log combined; index index.html index.htm index.php; root /data/wwwroot/www.51godream.com; include /usr/local/nginx/conf/rewrite/wordpress.conf; #error_page 404 /404.html; #error_page 502 /502.html; location ~ [^/].php(/|$) { #fastcgi_pass remote_php_ip:9000; fastcgi_pass unix:/dev/shm/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; } location ~ .*.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { expires 30d; access_log off; } location ~ .*.(js|css)?$ { expires 7d; access_log off; } location ~ /.ht { deny all; } } server { listen 80; server_name www.51godream.com; rewrite ^(.*) https://$server_name$1 permanent; }