4.然后需要去所在服务器上配置key和pem,当然我们这里选择的是自动生成key,如果有必要可以自己去制作key,按照阿里云上的步骤操作就是了。如下所示:
server { listen 443; server_name localhost; ssl on; root html; index index.html index.htm; ssl_certificate cert/21.pem; ssl_certificate_key cert/21.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
这时候不要忙着去重启nginx,首要要去查看nginx是否增加ssl模块,如果没有,需要重新编译,先执行sudo apt-get install openssl libssl-dev安装ssl,然后进入nginx目录执行如下语句:
./configure --prefix=/usr/local/nginx --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_gzip_static_module --http-client-body-temp-path=/var/temp/nginx/client --http-proxy-temp-path=/var/temp/nginx/proxy --http-fastcgi-temp-path=/var/temp/nginx/fastcgi --http-uwsgi-temp-path=/var/temp/nginx/uwsgi --http-scgi-temp-path=/var/temp/nginx/scgi --add-module=/home/scp/fastdfs-nginx-module/src --with-http_stub_status_module --with-http_ssl_module
"htmlcode">
server { listen 80; server_name www.域名.com; rewrite ^(.*) https://$server_name$1 permanent; }