Nginx + SSL证书 配置HTTPS
2022-09-22 22:45:53 #HTTPS

Nginx + SSL证书 配置HTTPS

1 阿里云申请免费的SSL

  1. 控制台搜索“ssl”,进入ssl证书页面

image-20210517151855426

image-20210517151646888

  1. 按步骤提示进行即可,我用的是域名解析的验证方式
  2. 下载证书

image-20210517152235338

2 配置Nginx

  1. 将下载好的文件放在nginx/conf/cert目录下

  2. 修改nginx配置文件

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    #http 转 https
    server {
        listen 80;
        server_name hopestation.top www.hopestation.top;
         rewrite ^(.*) https://$server_name permanent;
    }


    server {
        listen 443 ssl;
        server_name hopestation.top www.hopestation.top;
        #SSL证书
        ssl_certificate cert/5649438_hopestation.top.pem;
        ssl_certificate_key cert/5649438_hopestation.top.key;
       
       ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_set_header HOST $host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://ip:端口/;  #请求转发到
        }
    }

  3. 让配置文件生效、重启nginx

注:需放行 443端口

Prev
2022-09-22 22:45:53 #HTTPS
Next