nginx-ssl

发表于 更新于

Nginx https 证书自己生成(debian系系统为例)

1.切换到/etc/nginx 目录下执行

1
sudo openssl req -new -x509 -nodes -out server.crt -keyout server.key

2.配置站点nginx(/etc/nginx/sites-enabled/test)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
upstream php5.6-fpm {
    server unix:/var/run/php/php5.6-fpm.sock;
}
server {
	listen 443 ssl;
	listen [::]:443 ssl;

	server_name www.test.local;

    ssl on;

    ssl_certificate     /etc/nginx/server.crt;
    ssl_certificate_key /etc/nginx/server.key;
    
    ssl_session_cache    shared:SSL:1m;


	root /home/dyl/website/test;
	
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    index index.php index.html;

    location ~ \.php$ {
            # 设置php-fpm
            fastcgi_pass   php5.6-fpm;
            # 设置nginx的默认首页文件(上面已经设置过了,可以删除)
            fastcgi_index  index.php;
            # 设置脚本文件请求的路径
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            # 引入fastcgi的配置文件
            include        fastcgi_params;
        }


	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}
}

3.重启nginx服务

1
sudo systemctl restart nginx