nginx 安装SSL证书
1.证书准备
下载CA证书,在此我下载下来的文件是IntermediateCA.cer和ssl_certificate.cer
2.Key证书转换
openssl pkcs12 -in domain_name_privatekey.p12 -out domain_name.key -nocerts -nodes
3.生成CRT证书
cat ssl_certificate.cer IntermediateCA.cer » domain_name.crt
4.nginx配置
server {
listen 80;
server_name www.domain.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443;
server_name www.domain.com;
ssl on;
ssl_certificate /path/domain_name.crt;
ssl_certificate_key /path/domain_name.key;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /data/web/www;
index index.html;
}
}
5.如果有后台API,需要视情况升级修改。