Linux下安全证书申请以及配置到Nginx

Posted blog of asml

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Linux下安全证书申请以及配置到Nginx相关的知识,希望对你有一定的参考价值。

wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
chmod +x letsencrypt.sh

编辑下配置文件:

vim letsencrypt.conf

ACCOUNT_KEY="letsencrypt-account.key"
DOMAIN_KEY="域名.key"
DOMAIN_DIR="网站文件夹"
DOMAINS="DNS:域名,DNS:域名"
#ECC=TRUE
#LIGHTTPD=TRUE

运行:

./letsencrypt.sh letsencrypt.conf

运行后会生成很多文件

其中:

 www.chained.crt  域名.key

这两个是要的

 

nginx配置:

user www;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    #access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    server {
        listen       80;
        server_name  域名;
     #实现自动重写 rewrite ^(.*)$ https://$host$1 permanent; } # HTTPS server server { listen 443 ssl; server_name 域名; #charset: utf-8; ssl_certificate /home/wwwroot/www.chained.crt; ssl_certificate_key /home/wwwroot/域名.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; location / { root 网站文件夹; index index.html index.htm index.php; } location ~ \.php$ { fastcgi_buffer_size 128k; fastcgi_buffers 32 32k; root 网站文件夹; fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; #include fastcgi.conf; fastcgi_param DOCUMENT_ROOT 网站文件夹; fastcgi_param SCRIPT_FILENAME 网站文件夹$fastcgi_script_name; include fastcgi_params; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }

  

 



以上是关于Linux下安全证书申请以及配置到Nginx的主要内容,如果未能解决你的问题,请参考以下文章

购买https证书以及nginx配置https

nginx配置安全证书

nginx配置https证书

Nginx 安装与配置教程

在NGINX上配置HTTPS服务

Nginx实战-配置SSL证书(CentOS环境),实现https请求