1. 在阿里雲: https://www.aliyun.com/product/security/markets/aliyun/product/cas 或者騰訊雲: https://buy.cloud.tencent.com/ssl?fromSource=ssl 申請證書 (因為阿里雲的感覺很慢, 所以我選擇了騰訊雲, 提交申請之后馬上就可以下載證書文件)
2. 上傳證書到服務器目錄如 /etc/nginx/ssl 下
3. nginx配置 80 端口 轉發到 443端口:
server { listen 80; server_name demo.example.com demo2.example.com; rewrite ^(.*)$ https://$host$1 permanent; }
4. nginx配置 443 端口配置:
upstream server1 { ip_hash; server localhost:8081; } server { # server1 # 注意如果配置了多個 443 ssl, 則需要任選一個 設置為 default listen 443 default ssl; server_name demo.example.com; ssl_certificate "/etc/nginx/ssl/1_demo.example_bundle.crt"; ssl_certificate_key "/etc/nginx/ssl/2_demo.example.key"; location /demo-api/ { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-NginX-Proxy true; proxy_pass http://server1; } }
5. 訪問瀏覽器, 看到熟悉的小鎖:
