Nginx 部署HTTPS

Nginx 部署HTTPS

• 系统：Linux Centos 7.4 x64
• 软件：Nginx 1.12.2

注：须要阿里云申请本地域名与证书并添加下载到本地。

注：证书文件为 xxxx.pem 与 xxxx.key 两个文件。

---

Nginx 配置文件内添加HTTPS

vim /etc/nginx/nginx.conf

http {

server {
    listen 443 ssl;
    server_name xxx.xxx.com;
    ssl on;
    root /;
    index index.html index.htm;
    ssl_certificate   /etc/nginx/cert/215058739960601.pem;
    ssl_certificate_key  /etc/nginx/cert/215058739960601.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        root /;
        index index.html index.htm;
    }
}
}

 

含注释

http {

server {
    # 启动443端口
    listen 443 ssl;
    # 证书申请的域名
    server_name xxx.xxx.com;
    # 开启SSL协议
    ssl on;
    # 指定访问根目录
    root /;
    # 指定索引
    index index.html index.htm;    
    # 指定xxx.pem证书文件
    ssl_certificate   /etc/nginx/cert/215058739960601.pem;
    # 指定xxx.key证书文件
    ssl_certificate_key  /etc/nginx/cert/215058739960601.key;    
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    # 指定访问目录及索引
    location / {
        root /;
        index index.html index.htm;
    }
}

}