必要条件

配置SSL关联到对应域名

下载证书

Nginx配置SSL
- 在Nginx的安装目录下创建cert目录,并且将下载的全部文件拷贝到cert目录中。


server {
listen 80;
server_name www.coffeecola.cn;
return 301 https://www.coffeecola.cn$request_uri;
}
server {
listen 443 ssl;
server_name www.coffeecola.cn;
ssl on;
ssl_certificate /etc/nginx/cert/215095583230016.pem;
ssl_certificate_key /etc/nginx/cert/215095583230016.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
root /root/blog_front/dist/;
location / {
index index.html index.htm;
autoindex on;
}
location /api/ {
proxy_pass https://www.coffeecola.cn:8080/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}