域名、子域名、ssl证书
域名子域名的开通网上找找都有,很简单,这里主要讲证书的问题
一个域名一个证书
建议创建一个my_configs文件夹里面放各种项目配置xx.conf 在nginx.conf #gzip on;下面 添加 include ./my_configs/*.conf;
server {
listen 80;
server_name demo.xxx.cn;
location / {
rewrite (.*) https://demo.xxx.cn.cn$1 permanent;
}
}
server {
listen 443 ssl;
server_name demo.xxx.cn.cn;
root html;
index index.html index.htm;
ssl_certificate /usr/local/nginx/conf/ssl/8746281_demo.xxx.cn.cn.pem; # path
ssl_certificate_key /usr/local/nginx/conf/ssl/8746281_demo.xxx.cn.cn.key; # path
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://0.0.0.0:8899;
}
}
版权声明:本文为chi1130原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。