CentOS 7.4nginx配置SSL
阿新 • • 發佈:2018-11-12
一、在/etc/nginx/conf.d目錄下建立虛擬主機配置檔案
server {
listen 80;
server_name www.xx.com xx.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name www.xx.com xx.com;
ssl on;
ssl_certificate /www/xx.com/ssl/xx.com-ca-bundle.crt;
ssl_certificate_key /www/xx.com/ssl/xx.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
location / {
root /www/xx.com/www/www;
index index.html index.htm;
}
}
二、檢視443埠是否開啟
firewall-cmd --zone=public --list-ports
三、如果沒有開啟增加443埠
firewall-cmd --zone=public --add-port=443/tcp --permanent
四、重新載入防火牆
firewall-cmd --reload