配置nginx支持Https

配置nginx支持Https一定要先使用stop停止nginx然后重新代开不能使用reload

一:安装letsencrypt

1.从git上克隆下来
git clone https://github.com/letsencrypt/letsencrypt.git
2.切换到letsencrypt中
cd letsencrypt/

执行以下的命令(A/C)

./certbot-auto certonly --standalone --email 邮箱 -d 网址

成功后返回结果

 

二:nginx配置

  

      server {
        listen 80;
        #强制从http跳转到https
        server_name 域名;
        rewrite ^(.*) https://$server_name$1 permanent;
    }

    server {
        #暴露给外部访问的端口
        listen 443;
        ssl                  on;

        ssl_certificate      /etc/letsencrypt/live/域名/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/域名/privkey.pem;
 
        ssl_session_timeout  5m;
 
        ssl_protocols  SSLv2 SSLv3 TLSv1 TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        
        server_name 域名;
        charset utf-8;
        location / {
            include uwsgi_params;
            #外部访问80就转发到内部8000
            uwsgi_pass 127.0.0.1:8000; 
        }
    }

 

posted @ 2018-01-20 11:01  PHP大菜鸡  阅读(438)  评论(0编辑  收藏  举报