在公司里自己亲自做的有关 nginx 的 https ssl 证书有大用有大大用有大大大用

星期五, 2025-03-28 10:36 — adminshiping1

[root@kslk-es-faq vhost]# vim abc.mm.nn.kkk.conf

.............................................................................................................................................................................

server {

listen 443;

root /www/web/abc_mm_nn_kkk/public_html;

server_name abc.mm.nn.kkk aaaa.bbbb-ict.com;

ssl on;

ssl_certificate cert/aaaa.bbbb-ict.com.pem;

ssl_certificate_key cert/aaaa.bbbb-ict.com.key;

ssl_prefer_server_ciphers on;

ssl_session_timeout 10m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

#rewrite ^.*$ http://abc.mm.nn.kkk permanent;

index index.html index.php index.htm;

error_page 400 /errpage/400.html;

error_page 403 /errpage/403.html;

error_page 404 /errpage/404.html;

error_page 503 /errpage/503.html;

#rewrite ^/sites/default/files/styles/thumbnail/public/pictures/(.*)$ /sites/default/files/pictures/$1 last;

location ~ \.php$ {

proxy_pass http://127.0.0.1:88;

include naproxy.conf;

}

location /pdf/ {

return 404;

}

location ~* /pdf/.*\.(gif|jpg|jpeg|png)$ {

valid_referers blocked *.nnnnn-ict.com;

if ($invalid_referer){

return 404;

}

location /doc/ {

return 404;

}

location ~* /doc/.*\.(gif|jpg|jpeg|png)$ {

valid_referers blocked *.nnnnn-ict.com;

if ($invalid_referer){

return 404;

}

location ~* /sites/default/files/private/.*\.(gif|jpg|jpeg|png|pdf|pptx|xls|xlsx|csv|html|txt|htm)$ {

valid_referers blocked *.nnnnn-ict.com;

if ($invalid_referer){

return 404;

}

#location /sites/default/files/style/thumbnail/public/pictures/ {

# rewrite /sites/default/files/style/thumbnail/public/pictures/(.*)$ /sites/default/files/pictures/$1 break;

location ~ system.*\.(gif|jpg|jpeg|png|bmp|swf)$ {

proxy_pass http://127.0.0.1:88;

include naproxy.conf;

}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {

expires 1d;

}

location ~ .*\.(js|css|htm)?$ {

expires 12h;

}

location ~ /\.ht {

deny all;

}

location / {

try_files $uri @apache;

}

location @apache {

internal;

proxy_pass http://127.0.0.1:88;

include naproxy.conf;

}

.............................................................................................................................................................................

[root@kslk-es-faq vhost]# cd /www/wdlinux/nginx-1.8.1/conf/cert

[root@kslk-es-faq cert]# ls -la #可以看到 aaaa.bbbb-ict.com.pem aaaa.bbbb-ict.com.key

total 40

drwxr-xr-x. 2 www www 228 Apr 22 08:47 .

drwxr-xr-x. 5 root root 4096 Mar 20 2023 ..

-rw-r--r-- 1 root root 1706 Apr 22 08:46 aaaa.bbbb-ict.com.key

-rw-r--r-- 1 www www 1706 Mar 20 2023 aaaa.bbbb-ict.com.key-bak

-rw-r--r-- 1 www www 1706 Apr 20 2023 aaaa.bbbb-ict.com.key-bak2

-rw-r--r-- 1 root root 4578 Apr 22 08:46 aaaa.bbbb-ict.com.pem

-rw-r--r-- 1 www www 4616 Mar 20 2023 aaaa.bbbb-ict.com.pem-bak

-rw-r--r-- 1 www www 4501 Apr 20 2023 aaaa.bbbb-ict.com.pem-bak2

[root@kslk-es-faq cert]#

aaaa.bbbb-ict.com.pem aaaa.bbbb-ict.com.key是从哪里来的呢

是同事发过来的 ,解压后文件结构如下

C:\Users\88888888\Desktop\test11\nnnnn-ict.com SSL 2024.3.21-2025.4.21\pem(pem文件不包括key)

所以要把下面的 nnnnn-ict.com.key 改成 aaaa.bbbb-ict.com.key

nnnnn-ict.com.pem 改成 aaaa.bbbb-ict.com.pem

普通分类:

php

You are here

友情链接

搜索表单

用户登录

You are here

在公司里 自己亲自做的 有关 nginx 的 https ssl 证书 有大用 有大大用 有大大大用

友情链接

在公司里自己亲自做的有关 nginx 的 https ssl 证书有大用有大大用有大大大用