nginx-ssl

Nginx https 证书自己生成(debian系系统为例)

1.切换到/etc/nginx 目录下执行

1
sudo openssl req -new -x509 -nodes -out server.crt -keyout server.key

2.配置站点nginx(/etc/nginx/sites-enabled/test)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
upstream php5.6-fpm {
server unix:/var/run/php/php5.6-fpm.sock;
}
server {
listen 443 ssl;
listen [::]:443 ssl;

server_name www.test.local;

ssl on;

ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;

ssl_session_cache shared:SSL:1m;


root /home/dyl/website/test;

location / {
try_files $uri $uri/ /index.php$is_args$args;
}
index index.php index.html;

location ~ \.php$ {
# 设置php-fpm
fastcgi_pass php5.6-fpm;
# 设置nginx的默认首页文件(上面已经设置过了,可以删除)
fastcgi_index index.php;
# 设置脚本文件请求的路径
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# 引入fastcgi的配置文件
include fastcgi_params;
}


# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}

3.重启nginx服务

1
sudo systemctl restart nginx