阿胜4K > Core Services > NGINX配置HTTPS证书
NGINX配置HTTPS证书
环境
访问域名: www.xingyongsheng.top xingyongsheng.top
证书类型: 在阿里云申请的免费证书(上面两个域名申请其中之一即可)
NGINX版本: nginx/1.16.1
操作系统: CentOS Linux release 7.8.2003 (Core)
代码路径: /data/xdocs/public
证书路径: /data/nginx_certs
申请及下载证书
1 申请和下载
2 上传到服务器上
[root@qingcloud /data/nginx_certs]# ls -rlht --full-time
total 12K
-rw-r--r-- 1 root root 3.6K 2021-02-07 10:23:38.000000000 +0800 5172151_www.xingyongsheng.top.pem
-rw-r--r-- 1 root root 1.7K 2021-02-07 10:23:38.000000000 +0800 5172151_www.xingyongsheng.top.key
-rw-r--r-- 1 root root 4.0K 2021-02-07 10:38:27.531561844 +0800 5172151_www.xingyongsheng.top_nginx.zip
修改NGINX配置文件
[root@qingcloud ~]# cat /etc/nginx/conf.d/xingyongsheng-top.conf
server {
listen 443 ssl;
server_name xingyongsheng.top www.xingyongsheng.top;
root html;
index index.html index.htm;
ssl_certificate /data/nginx_certs/5172151_www.xingyongsheng.top.pem;
ssl_certificate_key /data/nginx_certs/5172151_www.xingyongsheng.top.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /data/xdocs/public;
index index.html index.htm;
}
}
server {
listen 80;
server_name xingyongsheng.top www.xingyongsheng.top;
rewrite ^(.*)$ https://$host$1 permanent;
location / {
index index.html index.htm;
}
}
参考资料
https://help.aliyun.com/document_detail/98728.html?spm=5176.14113079.0.dexternal.3e4756a7ITEnst
csdn 113737198