listen [::]:443 ssl http2; server_name _; root /usr/share/nginx/html; ssl_certificate "/etc/pki/nginx/server.pem"; ssl_certificate_key "/etc/pki/nginx/private.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m;ssl_ciphersPROFILE=SYSTEM; ssl_prefer_server_ciphers on; # ...
listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name _; ssl_certificate "/home/dev/certs/certificate_merge.crt";ssl_certificate_key"/home/dev/certs/private.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m;ssl_ciphersPROFILE=SYSTEM; ssl...
ssl_certificate /etc/pki/tls/ossez_com/ossez_com.ca.crt; ssl_certificate_key /etc/pki/tls/ossez_com/ossez_com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; } 在上面的内容中,我们可以看到了 2 个 文件的安装路...
# ssl_session_cache shared:SSL:1m; # ssl_session_timeout 10m; # ssl_ciphers PROFILE=SYSTEM; # ssl_prefer_server_ciphers on; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # # location / { # } # # error_page 404 /404.html;...
ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; } 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 在上面的内容中,我们可以看到了 2 个 文件的安装路径。
openssl ciphers -v 这将帮助你了解系统支持哪些加密套件,以及是否有任何与 "profile=system" 相关的预设配置。 修改Nginx配置文件中的ssl_ciphers指令: 如果"profile=system" 不是一个有效的预设或加密套件列表,你需要手动指定一个有效的加密套件列表。例如: nginx server { listen 443 ssl; server_name your_...
ssl_certificate conf.d/1_www.***.cn_bundle.crt; ssl_certificate_key conf.d/2_www.***.cn.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; location / {
}server{listen443ssl;server_namewww.***.cn;root/usr/share/nginx/html;autoindexon;ssl_certificateconf.d/1_www.***.cn_bundle.crt;ssl_certificate_keyconf.d/2_www.***.cn.key;ssl_session_cacheshared:SSL:1m;ssl_session_timeout10m;ssl_ciphersPROFILE=SYSTEM;ssl_prefer_server_cipherson;location...
ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; }EOF Note that if you are hosting for multiple domains, you can specify differentssl_certificateandssl_certificate_keyvalues for eachserver_nameconfiguration that you create in the/etc/nginx/conf.ddirectory. ...
ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } 保存退出并重启nginx 因为我们的证书没有给相关机构认证,所以还是提示不安全,但是不影响我们测试...