sub.domain.com.ssl 文件配置内容: ssl on; ssl_certificate/etc/letsencrypt/live/sub.domain.com/fullchain.pem; ssl_certificate_key/etc/letsencrypt/live/sub.domain.com/privkey.pem; ssl_prefer_server_ciphers on; ssl_dhparam/etc/nginx/sites-enabled/dhparam.pem; //这里的 dhparam.pem 去目录下自己...
server_name it-blog-cn.com;ssl_certificate /usr/local/nginx/conf/cert/it-blog-cn.com.pem; ssl_certificate_key /usr/local/nginx/conf/cert/it-blog-cn.com.key;ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m;ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on;location /...
ssl_certificate 1_sumu.today_bundle.crt; #私钥文件名称 ssl_certificate_key 2_sumu.today.key; ssl_session_timeout 5m; #请按照以下协议配置 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!
sub.domain.com.ssl 文件配置内容: ssl on; ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem; ssl_prefer_server_ciphers on; ssl_dhparam /etc/nginx/sites-enabled/dhparam.pem; //这里的 dhparam.pem 去目录下...
aNULL:!MD5;ssl_prefer_server_cipherson;location/ {roothtml;indexindex.html index.htm;}} 【3】通过nginx -t校验nginx文件语法。如果提示找不到证书文件,说明文件路径配置的不正确。 [root@iZuf65h6i43ltlzhqolumyZ conf]# ../sbin/nginx -tnginx:...
For$proxy_add_x_forwarded_for;proxy_hide_headerX-Powered-By;# try_files $uri $uri/ =404;}listen[::]:443ssl ipv6only=on;# managed by Certbotlisten443ssl;# managed by Certbotssl_certificate/etc/letsencrypt/live/dhbmw.com/fullchain.pem;# managed by Certbotssl_certificate_key/etc/lets...
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload;"; } 在以上代码中,listen 443 ssl启用了Web服务的SSL服务端口,server_name指定域名,ssl_certificate和ssl_certificate_key指定证书的路径,除此之外用的都是SSL的标准配置。 注意:nginx中...
会在ssl生产两个证书,nginx.crt就是公钥,nginx.key就是私钥 image 2、修改Nginx配置 nginx配置修改如下 server { listen 443 ssl; server_name 999.999.999.999; ssl_certificate /usr/local/nginx/ssl/nginx.crt; ssl_certificate_key /usr/local/nginx/ssl/nginx.key; ...
key /usr/local/nginx/ssls/testweb.95105813.cn.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; location /{ proxy_pass https://192.168.100.13:8002; #后端的web服务器 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x...
1. 准备SSL证书我这里使用的是域名服务商签发的SSL证书,如果你没有合法可信任的SSL证书,可以搜索签发私有证书方法。 代码语言:javascript 复制 file ssl/domain.*domain.crt:PEMcertificate domain.key:PEMRSAprivatekey 2. 配置Nginx 代码语言:javascript