阿里云域名免费转ssl,实现https访问
Posted sunbey80
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了阿里云域名免费转ssl,实现https访问相关的知识,希望对你有一定的参考价值。
1.登录阿里云,进管理控制台 - 域名与网站 - 域名
2.选择对应的域名 - ssl证书 - 单域名免费证书
3.填写www或者对应的子域名,确定 - 等待审核通过
4.进入进管理控制台 - 安全(云盾) - CA证书服务 - 下载对应证书
5.ssh连接远程服务器,进入nginx安装目录(/etc/nginx/),新建cert目录
6.将下载下来的证书文件放到cert目录,一般包括(1526192532557.pem 1526192532557.key)
7.修改nginx配置文件
一、仍需访问http网址的情况:
server { ... listen 443 ssl; ... ssl_certificate /etc/nginx/cert/1526192532557.pem; ssl_certificate_key /etc/nginx/cert/1526192532557.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ... }
二、不需访问http网址,直接都转到https网址下
server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 301 https://www.likefun.cn/; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; location ~ ^/ { proxy_pass http://127.0.0.1:3002; } location ~ ^/qushan/.+ { proxy_pass http://127.0.0.1:3002; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name _; root /usr/share/nginx/html; ssl_certificate /etc/nginx/cert/1526192532557.pem; ssl_certificate_key /etc/nginx/cert/1526192532557.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location ~ ^/ { proxy_pass http://127.0.0.1:3002; } location ~ ^/qushan/.+ { proxy_pass http://127.0.0.1:3002; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
以上是关于阿里云域名免费转ssl,实现https访问的主要内容,如果未能解决你的问题,请参考以下文章