nginx配置ssl证书

1.将证书文件放到服务器自定义路径下，例如/etc/ssl

2.开放443端口

3.nginx.conf内添加

server {
    listen       443 ssl;
    server_name  www.******.com;
    ssl_certificate /etc/ssl/www.******.com.pem;	
    ssl_certificate_key /etc/ssl/www.******.com.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    #charset koi8-r;
    access_log  /var/log/nginx/host.access.log  main;

#    location / {
 #       root   /usr/share/nginx/html;
 #       index  index.html index.htm;
 #   }

    location / {
          root /www/lwzlp/web/dist/;
          index  index.html index.htm;
          try_files $uri $uri/ /index.html;
    }

## 转发其他服务器
  location /iserver/ {
	proxy_pass http://192.168.0.1:8000/iserver/;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_set_header X-NginX-Proxy true;
	proxy_set_header X-Forwarded-Proto $scheme;
}
## 代理子域名
    location /zzd {
      alias /www/lwzlp/H5/zzd/;
        index  index.html index.htm;
        try_files $uri $uri/ /zzd/index.html;

    }
     location   /screen {
        alias   /www/lwzlp_big_screen/screen/;
        index  index.html index.htm;
        try_files $uri $uri/ /screen/index.html;
     }

#https://域名:443/.well-known/pki-validation/fileauth.txt
    location /.well-known/pki-validation/ {
        root   /;
  #      alias   /.well-known/pki-validation/;
        index  index.html index.htm;
    }

    #其他配置规则

}

4.重启nginxnginx -s reload