Nginx + SSL证书 配置HTTPS
2022-09-22 22:45:53
Nginx + SSL证书 配置HTTPS
1 阿里云申请免费的SSL
- 控制台搜索“ssl”,进入ssl证书页面
- 按步骤提示进行即可,我用的是域名解析的验证方式
- 下载证书
2 配置Nginx
将下载好的文件放在nginx/conf/cert目录下
修改nginx配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#http 转 https
server {
listen 80;
server_name hopestation.top www.hopestation.top;
rewrite ^(.*) https://$server_name permanent;
}
server {
listen 443 ssl;
server_name hopestation.top www.hopestation.top;
#SSL证书
ssl_certificate cert/5649438_hopestation.top.pem;
ssl_certificate_key cert/5649438_hopestation.top.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://ip:端口/; #请求转发到
}
}让配置文件生效、重启nginx
注:需放行 443端口