1、申请证书并下载证书文件
证书文件有2个,举例如下:
mscims.com.key
mscims.com.pem
2、将证书文件放入cert文件夹
在niginx目录建立cert文件夹,将证书文件拷入,以便引用(注意检查路径);
3、修改nginx配置文件nginx.conf
具体如下:
server {
listen 80;
server_name mscims.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
# HTTPS server
server {
listen 443 ssl;
server_name mscims.com;
root html;
index index.html index.htm;
ssl_certificate cert/mscims.com.pem;
ssl_certificate_key cert/mscims.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api/ {
proxy_pass http://www.mscims.com:8000/;
proxy_set_header Host $host:$server_port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
4、重启nginx服务器
./nginx -s stop
./nginx -s reopen
5、注意事项
5.1 关于重启
用./nginx -s reload重启可能不成功,建议先用stop和reopen命令;
5.2 找不到nginx.pid文件
如果提示错误
nginx: [error] open() "/usr/local/nginx/logs/nginx.pid" failed (2: No such file or directory)
运行
./nginx -c /usr/local/nginx/conf/nginx.conf
以上内容经实际测试,如有疑问可发邮件咨询,联系方式如下:
作者:胡国峰
邮箱:huguofeng@haxada.com
公司:西安好享达科技有限公司
原文链接:https://blog.csdn.net/qq_27474555/article/details/102929680