获取SSL证书
配置Nginx
server {
listen 443 ssl;
server_name your.domain.com;
ssl_certificate your.domain.com.cert;
ssl_certificate_key your.domain.com.key;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
......
}
server {
listen 80;
listen 443 ssl;
server_name your.domain.com;
ssl_certificate your.domain.com.cert;
ssl_certificate_key your.domain.com.key;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
......
}
- HTTP跳转到HTTPS
- 方法一:重定向(独立server)
server {
listen 80;
server_name your.domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name your.domain.com;
ssl_certificate your.domain.com.cert;
ssl_certificate_key your.domain.com.key;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
......
}
server {
listen 80;
listen 443 ssl;
server_name your.domain.com;
ssl_certificate your.domain.com.cert;
ssl_certificate_key your.domain.com.key;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
......
}
server {
listen 80;
listen 443 ssl;
server_name agent.wusong.com;
add_header Strict-Transport-Security "max-age=86400" always;
ssl_certificate /etc/nginx/ssl/agent.wusong.com.cert;
ssl_certificate_key /etc/nginx/ssl/agent.wusong.com.key;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
......
}
最后编辑于 :
©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。
