本文章总结了三个关于nginx接入https/ssl关键配置文件写法,有需要学习的同学可参考参考。
https配置
| 代码如下 |
|
|
server {
listen 8443;
server_name paycenter.hubs1.net;
ssl on;
ssl_certificate myserver.pem;
ssl_certificate_key key.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
proxy_pass http://paycentertest;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
|
实例 nginx接入https关键配置文件
| 代码如下 |
|
|
server
{
listen 432 ssl;
server_name www.test.com;
ssl on;
ssl_certificate /usr/local/nginx/ssl/www.test.com.crt.pem;
ssl_certificate_key /usr/local/nginx/ssl/www.test.com.key.pem;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!EXP:!ADH:!LOW:!SSLv2:!MD5;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
access_log /data/logs/SSL_www.test.com_access.log;
error_log /data/logs/SSL_www.test.com_error.log;
root /www/test/ssl/web;
index index.php index.html index.htm;
if ($uri !~ ^.*(.xml|.html|.htm|index.php|soap.php|php.php|health.php|status|.swf|.css|.js|.gif|.png|.jpg|.jpeg|.ico)){
rewrite ^/(.*)$ /index.php?$1 last;
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_param HTTPS on;
}
}
|
实例 nginx接入ssl完整配置文件
| 代码如下 |
|
|
server
{
listen 432 ssl;
server_name www.test.com;
ssl on;
ssl_certificate /usr/local/nginx/ssl/www.test.com.crt.pem;
ssl_certificate_key /usr/local/nginx/ssl/www.test.com.key.pem;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!EXP:!ADH:!LOW:!SSLv2:!MD5;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
access_log /data/logs/SSL_www.test.com_access.log;
error_log /data/logs/SSL_www.test.com_error.log;
root /www/test/ssl/web;
index index.php index.html index.htm;
if ($uri !~ ^.*(.xml|.html|.htm|index.php|soap.php|php.php|health.php|status|.swf|.css|.js|.gif|.png|.jpg|.jpeg|.ico)){
rewrite ^/(.*)$ /index.php?$1 last;
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_param HTTPS on;
}
}
|
