nginx中ssl证书配置
listen 443 ssl; ssl_certificate /xx/xx/xx/你的域名.pem; (有时候也是crt文件) ssl_certificate_key /xx/xx/xx/你的域名.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; 所有的xx可以自行决定路径,只要路径正确就行,建议是在etx/nginx下建一个ssl文件夹,不过,看个人喜好 剩余部分按照自己的需求配置即可,下面贴一个我的配置
server {
listen 80;
listen 443 ssl;
server_name mybbs.barleyz.cn;
root /xx/mybbs;
#include /etc/nginx/default.d/*.conf;
ssl_certificate /xx/xx/ssl/你的域名.pem;
ssl_certificate_key /xx/xx/ssl/你的域名.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
index index.html index.htm index.php;
#autoindex on;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=/$1 last;
break;
}
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
#下面是tp的重写配置
location ~ \.php(.*)$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
}本文为Barley原创文章,转载无需和我联系,但请注明来自Barley博客blog.barleyz.cn
- 最新评论
- 总共0条评论
