ssl_certificate xxx.xxx_nginx/xxx.xxx_bundle.crt; # 私钥文件名称 ssl_certificate_key xxx.xxx_nginx/xxx.xxx.key; ssl_session_timeout 5m; # 请按照以下协议配置 ssl_protocols TLSv1.2 TLSv1.3; # 请按照以下套件配置, 配置加密套件, 写法遵循 openssl 标准 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256...
index index.html; location / { try_files $uri $uri/ =404; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/oyty.me/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/oyty...
Now that we have a location to place our files, we can create the SSL key and certificate files in one motion by typing: sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt 1. You will be asked a series of ...
Now that we have a location to place our files, we can create the SSL key and certificate files in one motion by typing: sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt You will be asked a series of questi...
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; 添加这些行后,保存文件并退出编辑器。如果您曾经 nano 编辑过该文件,则可以通过按 CTRL + X 、 Y 、来进行编辑 ENTER 。 使用强加密设置创建配置片段 接下来,您将创建另一个片段来定义一些 SSL 设置。这将为 Nginx 设置强大的 SSL 密码套件,并...
location/{#try_files $uri $uri/=404;proxy_pass http://gocd;include proxy_params;}... 完成后保存并关闭文件。 返回命令行后,键入以下命令检查Nginx配置是否存在语法错误: 代码语言:javascript 复制 sudo nginx-t 如果未找到任何错误,请键入以下命令重新启动Nginx服务: ...
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。 ssl_protocols TLSv1 TLSv1.1TLSv1.2; #修改protocols。 ssl_prefer_server_ciphers on; location/ { 然后保存之后, 重启一下nginx,应该就可以了...
ssl_certificate_key /usr/local/nginx/ssl/Nginx/2_www.XXXX.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; ...
配置主、子域名使用SSL证书并监听443端口 #主域名 server { server_name xx.com; client_max_body_size 1024m; listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl;ssl_certificate/etc/letsencrypt/live/{你证书所在的位置}/fullchain.pem;ssl_certificate_key/etc/letsencrypt/live/...
listen 443 ssl; server_name violet-ve.com; access_log logs/violet-ve.com.access.log main; location / { root html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } ssl_certificate /home/cert/violet-ve.com.cer; ...