配置nginx支持Https

配置nginx支持Https一定要先使用stop停止nginx然后重新代开不能使用reload

一:安装letsencrypt

1.从git上克隆下来
git clone https://github.com/letsencrypt/letsencrypt.git
2.切换到letsencrypt中
cd letsencrypt/
执行以下的命令(A/C)
./certbot-auto certonly --standalone --email 邮箱 -d 网址
成功后返回结果

安装成功

二:nginx配置

  server {
        listen 80;
        #强制从http跳转到https
        server_name 域名;
        rewrite ^(.*) https://$server_name$1 permanent;
    }

    server {
        #暴露给外部访问的端口
        listen 443;
        ssl                  on;

        ssl_certificate      /etc/letsencrypt/live/域名/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/域名/privkey.pem;
 
        ssl_session_timeout  5m;
 
        ssl_protocols  SSLv2 SSLv3 TLSv1 TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        
        server_name 域名;
        charset utf-8;
        location / {
            include uwsgi_params;
            #外部访问80就转发到内部8000
            uwsgi_pass 127.0.0.1:8000; 
        }
    }

你可能感兴趣的:(配置nginx支持Https)