nginx配置数字证书

以腾讯去为例,平台上有合作的免费数据证书申请

  1. 将域名解析后,申请好证书后,将证书下载放入服务器中 /etc/nginx/conf.d/,解压后将会看到 .pen.key 的文件
  2. cd /etc/nginx/conf.d/ 创建配置文件 vim blog.conf 如下配置,注意 .pen.key 文件路径不要错了

nginx配置

server {
    listen 80;
    server_name blog.z103.top;
    location / {
        proxy_pass http://127.0.0.1:8090/;
        proxy_read_timeout  90;
    }
}

server {
    listen 443 ssl;
    server_name  blog.z103.top;

    ssl_certificate           /etc/nginx/conf.d/blog.z103.top_nginx/blog.z103.top_bundle.pem;
    ssl_certificate_key       /etc/nginx/conf.d/blog.z103.top_nginx/blog.z103.top.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://127.0.0.1:8090/;
        proxy_read_timeout  90;
    }

}
  1. nginx -s reload 生效
posted @ 2023-01-05 17:11  码农记事本  阅读(216)  评论(0)    收藏  举报