阿里云服务器Nginx配置ssl证书
由于浏览器策略以及安全隐私的原因,当下的网站无不将 http -> https
以下展示我阿里云服务器中对 Nginx 配置 ssl 的理解及代码展示
此处默认你已安装好 Tomcat 以及 Nginx
第一步找到 Nginx 的配置文件,打开并插入如下代码:
###### https ########
listen 443 ssl;
ssl_certificate /home/cert/pem.pem;
ssl_certificate_key /home/cert/key.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
###### https end ########其中 ssl_certificate 与 ssl_certificate_key 是你已获取的凭证及key
紧接着配置 root index等相关参数并配置首页代理,将80端口转接到 http://localhost:8080 8080端口
root /var/www/html/;
index index.html index.htm;
error_page 404 /404.html;
error_page 500 502 503 505 506 507 509 510 /update_error.html;
location / {
proxy_pass http://localhost:8080;
proxy_redirect off;
proxy_set_header Host $host;
}以下是我的 setting 文件
##
# Virtual Host Configs
##
server {
listen 80;
server_name www.jimqing.xin;
###### https ########
listen 443 ssl;
ssl_certificate /home/cert/pem.pem;
ssl_certificate_key /home/cert/key.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
###### https end ########
root /var/www/html/;
index index.html index.htm;
error_page 404 /404.html;
error_page 500 502 503 505 506 507 509 510 /update_error.html;
location / {
proxy_pass http://localhost:8080;
proxy_redirect off;
proxy_set_header Host $host;
}
}
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}关于免费ssl证书的获取及使用,推荐一个链接 HTTPS免费证书StartSSL申请详解