首页 > 代码库 > Linux下安全证书申请以及配置到Nginx
Linux下安全证书申请以及配置到Nginx
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
chmod +x letsencrypt.sh
编辑下配置文件:
vim letsencrypt.conf
ACCOUNT_KEY="letsencrypt-account.key" DOMAIN_KEY="域名.key" DOMAIN_DIR="网站文件夹" DOMAINS="DNS:域名,DNS:域名" #ECC=TRUE #LIGHTTPD=TRUE
运行:
./letsencrypt.sh letsencrypt.conf
运行后会生成很多文件
其中:
www.chained.crt 域名.key
这两个是要的
nginx配置:
user www;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name 域名;
#实现自动重写
rewrite ^(.*)$ https://$host$1 permanent;
}
# HTTPS server
server {
listen 443 ssl;
server_name 域名;
#charset: utf-8;
ssl_certificate /home/wwwroot/www.chained.crt;
ssl_certificate_key /home/wwwroot/域名.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
root 网站文件夹;
index index.html index.htm index.php;
}
location ~ \.php$ {
fastcgi_buffer_size 128k;
fastcgi_buffers 32 32k;
root 网站文件夹;
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_index index.php;
#include fastcgi.conf;
fastcgi_param DOCUMENT_ROOT 网站文件夹;
fastcgi_param SCRIPT_FILENAME 网站文件夹$fastcgi_script_name;
include fastcgi_params;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
Linux下安全证书申请以及配置到Nginx
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。