参考 这里
1. 购买证书
2. 补全信息
3. 下载证书( .pem + .key )
4. 上传至服务器 /usr/local/nginx/conf/cert 下
5. 修改 nginx.conf :
server {
listen 80;
root /www/path/to/root; // root
server_name www.mysite.com www.mysite.com; // 你的域名*2
index index.html index.php index.htm;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 405 /errpage/405.html;
error_page 503 /errpage/503.html;
location ~ .php$ {
proxy_pass http://127.0.0.1:8888; // 你的服务器地址
include naproxy.conf;
}
location ~ /.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
internal;
proxy_pass http://127.0.0.1:8888; // 你的服务器地址
include naproxy.conf;
}
}
server {
listen 443;
server_name www.mysite.com www.mysite.com; // 你的域名*2
ssl on;
root html;
index index.html index.htm;
ssl_certificate cert/pemfile.pem; // .pem路径
ssl_certificate_key cert/keyfile.key; // .key路径
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ~ .php$ {
proxy_pass http://127.0.0.1:8888; // 你的服务器地址
include naproxy.conf;
}
location ~ /.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
internal;
proxy_pass http://127.0.0.1:8888; // 你的服务器地址
include naproxy.conf;
}
}
6. 重启Nginx
7. 访问 https://www.yoursite.com
1