NGINX 配置 ssl /https
阿新 • • 發佈:2020-07-08
配置Nginx支援Https, SSL證書
https://blog.csdn.net/weixin_43842164/article/details/86496220
伺服器需要開啟了443埠(HTTPS服務的預設埠)。
伺服器上需要安裝了http_ssl_module模組(啟用SSL功能)。
.key的檔案和.pem檔案 分別是 證書金鑰檔案 和 證書檔案
server { listen 443; server_name localhost; ssl on; root html; index index.html index.htm; ssl_certificate cert/a.pem; #放在conf目錄下後為a.pem; ssl_certificate_key cert/a.key; #放在conf目錄下後為a.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
nginx配置http訪問自動跳轉到https
https://www.cnblogs.com/kinwing/p/12875992.html
按照如下格式修改nginx.conf 配置檔案,80埠會自動轉給443埠,這樣就強制使用SSL證書加密了。訪問http的時候會自動跳轉到https上面。
server { listen 80; server_name www.域名.com; rewrite ^(.*) https://$server_name$1 permanent; } server { listen 443; server_name www.域名.com; ..... }
Nginx配置域名同時支援 https 和 http 訪問
https://blog.csdn.net/revitalizing/article/details/55271848
server { listen 80; listen 443 ssl; //修改後 server_name liu.test.com; location / { expires 302400s; proxy_pass http://xxxx/xxxx/; } #ssl on; //修改後 ssl_certificate /usr/local/nginx/conf/server.crt; ssl_certificate_key /usr/local/nginx/conf/server.key; access_log /usr/local/nginx/xxxx.log log_access; }