nginx配置ssl证书

　

 

https://freessl.cn/   #免费的ssl证书申请网站

nginx的配置：

server {
    listen 80;
    listen 443 ssl;
    server_name cloud.maslong.com ;

    if ($ssl_protocol = "") {
      rewrite ^ https://$server_name$request_uri? permanent;
    }

    root html;
    index index.html index.htm;
    ssl_certificate /data/app/nginx/cert/maslong.com.pem;
    ssl_certificate_key /data/app/nginx/cert/maslong.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    #表示使用的加密套件的类型。
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #表示使用的TLS协议的类型。
    ssl_prefer_server_ciphers on;
    location / {
        root /data/app/nginx/html/zkeys;        #站点的路径
        index index.php index.html index.htm;
        if (!-e $request_filename) {
            rewrite ^(.*)$ /index.php$1 last;
    }
}

    location ~ ^.+\.php {
         root /data/app/nginx/html/zkeys;        #站点的路径
        fastcgi_pass 127.0.0.1:9000;                      #根据自己的 php-fpm 配置填写
        fastcgi_index index.php;

        ###配置支持pathinfo
        fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
          fastcgi_param PATH_INFO $fastcgi_path_info;
          fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}