1.搜索阿里云账号,搜索证书
2.购买证书
3.选择免费版
4.点击购买
5.申请完之后就填写域名信息啦
6.过几天证书下来后点击下载
7.登录服务器,创建一个存放证书的目录
[root@zhp nginx]# mkdir cert/
上传证书并解压
[root@zhp nginx]# cd cert/
[root@zhp cert]# ll
total 12
-rw-r--r-- 1 root root 1675 Mar 20 10:51 3558436_www.everthing.top.key
-rw-r--r-- 1 root root 4038 Mar 20 10:51 3558436_www.everthing.top_nginx.zip
-rw-r--r-- 1 root root 3683 Mar 20 10:51 3558436_www.everthing.top.pem
8.编写配置文件
[root@zhp conf.d]# cat blog.conf
server {
listen 443 ssl;
server_name www.everthing.top;
root /code/wordpress;
index index.php index.html;
client_max_body_size 64M;
access_log /var/log/nginx/blog.drz.com_access.log main;
if ( -f $request_filename/index.html ){
rewrite (.*) $1/index.html break;
}
if ( -f $request_filename/index.php ){
rewrite (.*) $1/index.php;
}
if ( !-f $request_filename ){
rewrite (.*) /index.php;
}
ssl_certificate /etc/nginx/cert/3558436_www.everthing.top.pem;
ssl_certificate_key /etc/nginx/cert/3558436_www.everthing.top.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS on;
include fastcgi_params;
}
location /status {
stub_status;
}
}
server {
listen 80;
server_name www.everthing.top;
return 302 https://$server_name$request_uri;
}
9.重启一下nginx
10.开发防火墙的端口,要不然访问网站访问不出来哟
firewall-cmd --add-port=443/tcp --zone=public --permanent
firewall-cmd --reload
网友评论