admin_jim 2017-01-11
选择购买赛门铁克的免费 DV 证书。
https://common-buy.aliyun.com/?commodityCode=cas#/buy
根据提示不全内容
https://yundun.console.aliyun.com/?p=cas#/cas/home
下载证书 上传到服务器指定位置
配置nginx
server {
listen 443;
server_name example.com;
access_log /var/log/xxx.log;
root /xxx/xxx/;
ssl on;
#证书在服务器的绝对位置
ssl_certificate /xxx/213996598310998.pem;
#证书在服务器的绝对位置
ssl_certificate_key /xxx/213996598310998.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
index index.html index.htm index.php;
root /alidata/www/jimmyblog/wwwroot;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param HTTPS 'on'; #这一项一定要加上 否则PHP程序中的$_SERVER['HTTPS']为空
include fastcgi.conf;
}
}