Linux-Nginx配置SSL

配置HTTPS

第一、云服务器账号内是否开放443端口
第二、内容服务器防火墙是否开放443
第三、查看是否有xsl、ssl扩展
第四、证书上传
第五、修改配置文件

server
{
    listen 443 ssl;
    server_name  www.abc.com;

    ssl_certificate      /etc/nginx/cert/www.abc.com.crt;
    ssl_certificate_key  /etc/nginx/cert/www.abc.com.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    index index.php index.html index.htm default.php default.htm default.html;
    root /project/test/public;

    access_log  /var/log/nginx/www.abc.com.access.log  main;
    error_log   /var/log/nginx/www.abc.com.error.log   warn;

    #ERROR-PAGE-START  错误页配置，可以注释、删除或修改
    error_page 404 /404.html;
    error_page 502 /502.html;
    #ERROR-PAGE-END

    #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
    location / {
        try_files $uri $uri/ /index.php$is_args$query_string;
        client_max_body_size 100m;
    }
    #REWRITE-END

    #禁止访问的文件或目录
    location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md)
    {
        return 404;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
        access_log off;
    }
    location ~ \.php {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        set $real_script_name $fastcgi_script_name;
        if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
            set $real_script_name $1;
            set $path_info $2;
         }
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         fastcgi_param SCRIPT_NAME $real_script_name;
         fastcgi_param PATH_INFO $path_info;
         fastcgi_connect_timeout 300;
         fastcgi_read_timeout 300;
         fastcgi_send_timeout 300;
         fastcgi_buffer_size 64k;
         fastcgi_buffers 4 64k;
         fastcgi_busy_buffers_size 128k;
   }

    location ~ .*\.(js|css)?$
    {
        expires      12h;
        access_log off;
    }
}