1 登录阿里云账户,左侧菜单选择
-》
2 右上角选择购买证书,选择免费型
3 按照流程购买,回到订单列表。填写认证信息,选择DNS解析, 在列表 选择下载证书
4 我的服务器是nginx ,就以这个为例
使用winscp 登录服务器。按照要求 创建cert文件夹,把下载的证书文件上传
5 配置nginx.conf , 背景色部分为我修改的部分,然后重启nginx
server { listen 443; #listen [::]:80; server_name www.test.com test.com; index index.html index.htm index.php default.html default.htm default.php; root /home/wwwroot/www.test.com; ssl on; ssl_certificate ../cert/****.pem; ssl_certificate_key ../cert/*****.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; include other.conf; #error_page 404 /404.html; include enable-php.conf; location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*.(js|css)?$ { expires 12h; } location ~ /. { deny all; } access_log /home/wwwlogs/www.test.com.log; }
6 此时 http 和https都可以访问,这时需要配置80重定向到443, 重启nginx;
server { listen 80; server_name www.test.com; rewrite ^(.*) https://$server_name$1 permanent; }
效果: