目前「寶塔SSL」自動申請綁定一個證書,即根域名和www域名,若是還須要綁定手機端m則須要綁定多個域名
若是多域名綁定一個網站數據,須要新建多個站點指向同一文件目錄。
用相同的方法,在不新建站點的前提下,手動修改「站點配置文件」;
經測試能夠多域名證書,缺點是不能再次經過寶塔編輯站點配置,不然會覆蓋文件
方法以下,先申請多個站點證書,而後在寶塔網站「www.bt.cn」右上角登陸會員帳號,下載證書,複製壓縮包的Nginx證書,上傳到/www/server/panel/vhost/cert/站點域名,目錄(多個域名都上傳)
打開站點的「站點配置」複製黏貼一份相同的內容,而後對黏貼的內容修改域名,替換新域名證書(第一行是bundle.pem,第二行是.key)
注意:檢測上面多個站點配置的域名不能有重複,爲安全期間,修改前,先備份一下原先配置
而後保存配置,重啓Nginx
php
server
{
listen 80;
listen 443 ssl http2;
server_name 123.cn;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/123_cn;
#SSL-START SSL相關配置,請勿刪除或修改下一行帶註釋的404規則
#error_page 404/404.html;
ssl_certificate /www/server/panel/vhost/cert/123.cn/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/123.cn/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 錯誤頁配置,能夠註釋、刪除或修改
error_page 404 /404.html;
error_page 502 /502.html;
#ERROR-PAGE-END
#PHP-INFO-START PHP引用配置,能夠註釋或修改
include enable-php-53.conf;
#PHP-INFO-END
#REWRITE-START URL重寫規則引用,修改後將致使面板設置的僞靜態規則失效
include /www/server/panel/vhost/rewrite/123.cn.conf;
#REWRITE-END
#禁止訪問的文件或目錄
location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md)
{
return 404;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$
{
expires 12h;
access_log off;
}
access_log /www/wwwlogs/123.cn.log;
}
server
{
listen 80;
listen 443 ssl http2;
server_name s.123.cn;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/123_cn;
#SSL-START SSL相關配置,請勿刪除或修改下一行帶註釋的404規則
#error_page 404/404.html;
ssl_certificate /www/server/panel/vhost/cert/123.cn/1_s.123.cn_bundle.pem;
ssl_certificate_key /www/server/panel/vhost/cert/123.cn/0_s.123.cn.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 錯誤頁配置,能夠註釋、刪除或修改
error_page 404 /404.html;
error_page 502 /502.html;
#ERROR-PAGE-END
#PHP-INFO-START PHP引用配置,能夠註釋或修改
include enable-php-53.conf;
#PHP-INFO-END
#REWRITE-START URL重寫規則引用,修改後將致使面板設置的僞靜態規則失效
include /www/server/panel/vhost/rewrite/123.cn.conf;
#REWRITE-END
#禁止訪問的文件或目錄
location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md)
{
return 404;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$
{
expires 12h;
access_log off;
}
access_log /www/wwwlogs/123.cn.log;
}
SSL裏面兩個文件的含義
fullchain.pem 是證書和根證書(上面放證書,下面放根證書)
privkey.pem 便是證書祕鑰css
參考網站:https://www.bt.cn/bbs/thread-8470-1-1.html?btwaf=80843689html