一、獲取https證書,以阿里雲為例
1.進入域名解析,添加一個域名,詳細過程略
2.購買免費版ssl證書,購買完之后,填寫域名信息
3.待審核通過,下載ssl證書
二、linux 部署
1. 新建一個文件夾,放上面下載后的壓縮包,並解壓,解壓后為兩個文件key和pem
2.修改linux配置文件,並重啟
server{
#listen 80;
#需替換
server_name XXX.com;
listen 443 ssl;
ssl on;
#public key
#需替換
ssl_certificate /webapp/cert/business/XXX.com.pem;
#private key
#需替換
ssl_certificate_key /webapp/cert/business/XXX.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
#wap
location / {
if ($http_user_agent = ""){
return 403;
}
if ($http_user_agent = "-"){
return 403;
}
trim on;
trim_js on;
trim_css on;
#需替換
proxy_pass http://XXX:8192;
proxy_buffering on;
index index.jsp index.htm index.html ;
proxy_redirect default ;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header Content-Type "application/json;charset=utf-8";
client_max_body_size 70m;
}
}
重啟!完畢!