www.timophp.com
请到阿里云申请
安全-证书服务-购买证书
server {
listen 80;
server_name www.timophp.com;
charset utf-8;
access_log off;
root /data/timophp/public;
}
1、下载fileauth.txt放到/data/timophp/public/.well-known/pki-validation目录下面
2、访问:http://www.timophp.com/.well-known/pki-validation/fileauth.txt
3、等待审核通过
1、在nginx安装目录创建cert目录,如:/usr/local/nginx/cert/
2、下载证书到cert目录
server {
listen 80;
server_name www.timophp.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name www.timophp.com;
ssl_certificate /usr/local/nginx/cert/1234567890.pem;
ssl_certificate_key /usr/local/nginx/cert/1234567890.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
charset utf-8;
#access_log /data/log/nginx/www_timophp.access.log;
access_log off;
root /data/gumaor/public;
error_page 404 /404.html;
location /favicon.ico {
log_not_found off;
access_log off;
}
location / {
index index.php index.html index.htm;
if (!-e $request_filename) {
rewrite ^/(.*)$ /web/index.php/$1 last;
}
}
location ~ \.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/dev/shm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
firewall-cmd --add-service=https --permanent
firewall-cmd --reload
http://blog.csdn.net/zhoutimo/article/details/51991427