创建第一个虚拟主机:
mkdir /data/nginx/vhost1 -pv
[root@mysql_node4 ~]# more /data/nginx/vhost1/index.html
<h1>this is nginx test<h1>
[root@mysql_node4 ~]# more /etc/nginx/conf.d/vhost1.conf
server {
listen 8080;
server_name www.linux.io;
root /data/nginx/vhost1;
}
image.png
# nginx -V #查看编译详细配置
# nginx -t #查看语法错误
# nginx -s reload #重新装载
https配置:
[root@mysql_node4 ssl]# more /etc/nginx/conf.d/vhost1.conf
server{
listen 443 ssl; #修改监听端口
server_name www.linux.io;
root /data/nginx/vhost1;
access_log /var/log/nginx/vhost1_ssl_access.log main;
ssl on; #开启ssl
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols sslv3 tlsv1 tlsv1.1 tlsv1.2;#支持哪些协议
ssl_session_cache shared:sslcache:20m;#指明缓存大小,1M能够缓存4000个会话
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5; #加密算法
ssl_session_timeout 10m; #保持session会话时间
}
Htt跳转https:
rewrite 或者 return 301 都可以
[root@mysql_node4 ssl]# more /etc/nginx/conf.d/vhost1.conf
server{
listen 80;
server_name www.linux.io;
rewrite ^(.*) https://$server_name$1 permanent;
#return 301 https://$server_name$request_uri;
}
server{
listen 443 ssl; #修改监听端口
server_name www.linux.io;
root /data/nginx/vhost1;
access_log /var/log/nginx/vhost1_ssl_access.log main;
ssl on; #开启ssl
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols sslv3 tlsv1 tlsv1.1 tlsv1.2;#支持哪些协议
ssl_session_cache shared:sslcache:20m;#指明缓存大小,1M能够缓存4000个会话
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5; #加密算法
ssl_session_timeout 10m; #保持session会话时间
}
网友评论