You are here
nginx 配置 ssl https 自己亲自做的 有大用 有大大用
[root@ebs-25879 vhost]# vim wap.shrszg.cn.conf
server {
listen 80;
root /home/wwwroot/wap_aaa_cn/public_html;
server_name wap.aaa.cn ;
index index.html index.php index.htm;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 503 /errpage/503.html;
location ~ \.php$ {
proxy_pass http://127.0.0.1:88;
include naproxy.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 1d;
}
location ~ .*\.(js|css|htm)?$ {
expires 12h;
}
location ~ /\.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
internal;
proxy_pass http://127.0.0.1:88;
include naproxy.conf;
}
}
server {
listen 443;
root /home/wwwroot/wap_saaa_cn/public_html;
ssl on;
ssl_certificate cert/wap.aaa.cn.pem;
ssl_certificate_key cert/wap.aaa.cn.key;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
server_name wap.aaa.cn;
index index.html index.php index.htm;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 503 /errpage/503.html;
location ~ \.php$ {
proxy_pass http://127.0.0.1:88;
include naproxy.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 1d;
}
location ~ .*\.(js|css|htm)?$ {
expires 12h;
}
location ~ /\.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
internal;
proxy_pass http://127.0.0.1:88;
include naproxy.conf;
}
}