Nginx的Https配置

一，准备工作

• 证书秘钥(阿里云、七牛都有一年免费的赛门铁克证书)
• Nginx服务器

二，修改配置文件

1,ssl配置文件ssl.conf

server {
    listen       443;
    server_name  yourdomain.com;
    ssl on;
    #your project path
    root         /www/trunk;

    ssl_certificate   /etc/cert/yoursignature.pem;
    ssl_certificate_key  /etc/cert/yoursignature.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;
    #you need to modify yourfingerprint
    ssl_ciphers yourfingerprint;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    # Load configuration files for the default server block.
    # include /etc/nginx/default.d/*.conf;

    location / {
        root   /www/trunk;
        index  index.php index.html index.htm;
    }

    error_page 404 /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        root           /www/trunk;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /www/trunk$fastcgi_script_name;
        include        fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}

2，修改nginx默认配置default.conf

server {  
    listen  80;  
    server_name yourdomain.com;  
      
    rewrite ^(.*)$  https://$host$1 permanent;  
}

三，重启nginx

service nginx restart