系統:Linux Centos 7.4 x64
軟件:Nginx 1.12.2
注:需要阿里雲申請本地域名與證書並添加下載到本地。
注:證書文件爲 xxxx.pem 與 xxxx.key 兩個文件。
Nginx 配置文件內添加HTTPS
vim /etc/nginx/nginx.conf
http {
server {
listen 443 ssl;
server_name xxx.xxx.com;
ssl on;
root /;
index index.html index.htm;
ssl_certificate /etc/nginx/cert/215058739960601.pem;
ssl_certificate_key /etc/nginx/cert/215058739960601.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /;
index index.html index.htm;
}
}
}
含註釋
http {
server {
# 啓動443端口
listen 443 ssl;
# 證書申請的域名
server_name xxx.xxx.com;
# 開啓SSL協議
ssl on;
# 指定訪問根目錄
root /;
# 指定索引
index index.html index.htm;
# 指定xxx.pem證書文件
ssl_certificate /etc/nginx/cert/215058739960601.pem;
# 指定xxx.key證書文件
ssl_certificate_key /etc/nginx/cert/215058739960601.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
# 指定訪問目錄及索引
location / {
root /;
index index.html index.htm;
}
}
}