阿里云免费ssl证书审核及使用 淩亂°似流年 2022-03-01 00:10 273阅读 0赞 1、在阿里云或其他网站申请安全证书,选择免费版一直操作,最后选择文件验证 ![watermark_type_ZmFuZ3poZW5naGVpdGk_shadow_10_text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl80MTk5NjYzMg_size_16_color_FFFFFF_t_70][] 完成后会提示需要将fileauth.txt文件放到服务器目录下面\*\*\*\*.com/.well-known/pki-validation/文件目录下 而域名有时候带有www.\*\*\*.com这种二级域名,要求放到顶级域名\*\*\*.com下,少了www.这时候要解析顶级域名 然后在服务器代理nginx中,将顶级域名(要求的域名)配置在nginx中,nginx.conf中配置 详见官方文档[https://help.aliyun.com/knowledge\_detail/48016.html][https_help.aliyun.com_knowledge_detail_48016.html] // 此处是最简单的配置,去掉了多余的 upstream ceshi { server localhost:8080; } server { listen 443 ssl; #监听的端口 server_name localhost;#你的域名 #ssl on; #已不建议使用 ssl_certificate cert/214241097.pem; ssl_certificate_key cert/214241097.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://ceshi; } } #将http请求转为https请求 server { listen 80; server_name localhost; location / { rewrite ^(.*) https://$server_name$1 permanent; } } [watermark_type_ZmFuZ3poZW5naGVpdGk_shadow_10_text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl80MTk5NjYzMg_size_16_color_FFFFFF_t_70]: /images/20220301/78acbafde9ce40cba93930f89df4b19c.png [https_help.aliyun.com_knowledge_detail_48016.html]: https://help.aliyun.com/knowledge_detail/48016.html
还没有评论,来说两句吧...