给自己的网站增加ssl加密链接

2016-03-01 10:33:00
hainuo
原创 1573
摘要:给自己的网站增加ssl加密链接
给自己的网站增加ssl加密链接1. 申请证书https://buy.wosign.com/free/#ssl直接申请即可2. 申请成功后找到nginx包解压得到`csr`和`key`文件3. 修改nginx配置```server {listen 443 ssl http2;ssl_certificate /usr/local/nginx/conf/hainuo.info.crt;ssl_certificate_key /usr/local/nginx/conf/hainuo.info.key;ssl_session_timeout 10m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on;ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!DSS:!PKS;ssl_session_cache builtin:1000 shared:SSL:10m;resolver 8.8.8.8 8.8.4.4 valid=300s;resolver_timeout 5s;server_name hainuo.info;access_log /data/wwwlogs/hainuo.info_nginx.log combined;index index.html index.htm index.php;include /usr/local/nginx/conf/none.conf;root /data/wwwroot/hainuo.info;location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv)$ { valid_referers none blocked *.hainuo.info hainuo.info; if ($invalid_referer) { #rewrite ^/ http://www.linuxeye.com/403.html; return 403; } }location ~ [^/]\.php(/|$) { #fastcgi_pass remote_php_ip:9000; fastcgi_pass unix:/dev/shm/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; }location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|ico)$ { expires 30d; access_log off; }location ~ .*\.(js|css)?$ { expires 7d; access_log off; }}server {listen 80;server_name hainuo.info;rewrite ^/(.*) https://$server_name/$1 permanent;}```4. 重新加载配置```service nginx reload```
发表评论
玖 加 伍 =
评论通过审核后显示。