Linux下SSL證書申請以及配置到Nginx

時間 2019-11-11

標籤 linux ssl 證書申請以及配置 nginx 欄目 Linux 简体版

原文原文鏈接

wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
chmod +x letsencrypt.shjavascript

編輯下配置文件:php

vim letsencrypt.confhtml

ACCOUNT_KEY="letsencrypt-account.key"
DOMAIN_KEY="域名.key"
DOMAIN_DIR="網站文件夾"
DOMAINS="DNS:域名,DNS:域名"
#ECC=TRUE
#LIGHTTPD=TRUE

運行:java

./letsencrypt.sh letsencrypt.confnginx

運行後會生成不少文件git

其中:github

www.chained.crt 域名.keyvim

這兩個是要的app

nginx配置:tcp

user www;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    #access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    server {
        listen       80;
        server_name  域名;　　　　　#實現自動重寫
        rewrite ^(.*)$  https://$host$1 permanent;
    }
    # HTTPS server
    server {
       listen       443 ssl;
       server_name  域名;
       #charset: utf-8;
       ssl_certificate      /home/wwwroot/www.chained.crt;
       ssl_certificate_key  /home/wwwroot/域名.key;
       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
       location / {
            root   網站文件夾;
            index  index.html index.htm index.php;
        }
        location ~ \.php$ {
            fastcgi_buffer_size 128k;
            fastcgi_buffers 32 32k;
            root           網站文件夾;
            fastcgi_pass   unix:/tmp/php-fpm.sock;
            fastcgi_index  index.php;
            #include fastcgi.conf;
            fastcgi_param  DOCUMENT_ROOT 網站文件夾;
            fastcgi_param  SCRIPT_FILENAME  網站文件夾$fastcgi_script_name;
            include        fastcgi_params;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。