nginx configure ssl to achieve https

Environmental description

Server system: Ubuntu 18.04 64 bit nginx: 1.14

This article mainly records the steps of configuring https, and does not introduce the details of applying for a ca certificate

There is a free ssl certificate here:

of Western Digital , and the certificate applied for in Tencent Cloud

After applying for a certificate and issuing it, download the certificate to the local

1. Install nginx

$ apt-get update // 
$ apt-get install nginx // 

2. Configure the ca certificate

2.1 The installation directory of nginx is /etc/nginx/, enter this directory, add the cert folder, and upload the two files just downloaded to the cert folder

2.2 Add a blog.confnew , the name is arbitrary, nginx will read all the configuration files in the conf.d/ folder

2.3 Copy the following configuration information to the blog.conffile

server {
    listen 443;
    server_name;  // 你的域名
    ssl on;
    root /var/lib/jenkins/workspace/blog;  // 你的网站源码目录
    index index.html index.htm;
    ssl_certificate /etc/nginx/cert/; // 证书地址
    ssl_certificate_key /etc/nginx/cert/;  // 证书地址
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    location / {
        index index.html index.htm;
server {
    listen 80;
    server_name;  // 你的域名
    rewrite ^(.*)$ https://$host$1 permanent;

After the configuration is complete, check whether the nginx configuration file is available. If successful, the configuration is correct.

$ nginx -t

After the configuration is correct, reload the configuration file to make the configuration take effect:

$ service nginx reload

Leave a Reply

Your email address will not be published. Required fields are marked *