centos nginx https 配置

1,若是想配置一個域名到指定目錄咋弄呢?下面這個

server {
        listen  80;    
        server_name 這裏換成你的域名,例如baidu.com;    
        set $root_path '/home/wwwroot/tapai_html/';    
        root $root_path;
        
        index index.html index.php index.htm;    
        
        # rewrite ^(.*) https://$server_name;
        try_files $uri $uri/ @rewrite;    
        

        location @rewrite {    
            rewrite ^/(.*)$ /index.php?_url=/$1;    
        }    
        
        location ~ \.php {    
        
            fastcgi_pass 127.0.0.1:9000;    
            fastcgi_index /index.php;    
        
            fastcgi_split_path_info       ^(.+\.php)(/.+)$;    
            fastcgi_param PATH_INFO       $fastcgi_path_info;    
            fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;    
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;    
            include                       fastcgi_params; 
        }   

        # location /imgtext_detail {
                # proxy_pass /home/wwwroot/tapai_html/imgtext_detail;
                # proxy_pass http://127.0.0.1:9000/imgtext_detail/;
        # }

        location ~* ^/(css|img|js|flv|swf|download)/(.+)$ {    
            root $root_path;    
        }    
        
        location ~ /\.ht {    
            deny all;    
        }    
    }

2,若是想讓這個域名同時也支持https訪問,該咋辦呢?下面這個server和上面的server同時在就行了

server {
       listen       443;
       listen       [::]:443;
       server_name  這裏換成你的域名,例如baidu.com;
       root         /home/wwwroot/tapai_html/;

       ssl on; 
    #    ssl_session_tickets off;
       ssl_certificate "/etc/nginx/ssl/這裏換成證書.crt"; #也有多是.pem結尾的
       ssl_certificate_key "/etc/nginx/ssl/這裏換成祕鑰.key";
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout  10m;
       ssl_ciphers HIGH:!aNULL:!MD5;
       ssl_prefer_server_ciphers on;

       # Load configuration files for the default server block.
       include /etc/nginx/default.d/*.conf;

       error_page 404 /404.html;
           location = /40x.html {
       }

       error_page 500 502 503 504 /50x.html;
           location = /50x.html {
       }
   }

3,若是想讓同個ip,支持兩個https域名,該咋辦呢?把上面server複製一份,把裏面的server_name 換成另外一個域名,而且把證書和祕鑰路徑改一下就好了

server {
       listen       443;
       listen       [::]:443;
       server_name  這裏配置另外一個域名,好比qq.com;
       root         /home/wwwroot/tapai_html/;

       ssl on; 
    #    ssl_session_tickets off;
       ssl_certificate "/etc/nginx/ssl/這裏換成此域名對應的證書.pem";
       ssl_certificate_key "/etc/nginx/ssl/這裏換成此域名對應的祕鑰.key";
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout  10m;
       ssl_ciphers HIGH:!aNULL:!MD5;
       ssl_prefer_server_ciphers on;

       # Load configuration files for the default server block.
       include /etc/nginx/default.d/*.conf;

       error_page 404 /404.html;
           location = /40x.html {
       }

       error_page 500 502 503 504 /50x.html;
           location = /50x.html {
       }
   }