Linux : 申请SSL证书并配置Nginx

1. 在阿里云: https://www.aliyun.com/product/security/markets/aliyun/product/cas   或者腾讯云: https://buy.cloud.tencent.com/ssl?fromSource=ssl  申请证书 (因为阿里云的感觉很慢, 所以我选择了腾讯云, 提交申请之后马上就可以下载证书文件)

2. 上传证书到服务器目录如 /etc/nginx/ssl 下

3. nginx配置 80 端口 转发到 443端口:

server {
    listen 80;
    server_name demo.example.com demo2.example.com;
    rewrite ^(.*)$ https://$host$1  permanent;
}

4. nginx配置 443 端口配置:

upstream server1 {
    ip_hash;
    server localhost:8081;
}
server {
    # server1
    # 注意如果配置了多个 443 ssl, 则需要任选一个 设置为 default
    listen 443 default ssl; 
    server_name demo.example.com;

    ssl_certificate "/etc/nginx/ssl/1_demo.example_bundle.crt";
    ssl_certificate_key "/etc/nginx/ssl/2_demo.example.key";

    location /demo-api/ {
        # 用来修改相应的Location, 把http换成用户请求的协议方式
        proxy_redirect http:// $scheme://;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://server1;
    }
}

 5. 访问浏览器, 看到熟悉的小锁: