lnmp环境下面配置https 出现下载index.php的解决方案

step1:第一步去阿里云申请ssl免费证书

step2:配置nginx

server
    {
        listen 443;
        server_name zig.exile.cc;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/zig.exile.cc;
        ssl on;
		ssl_certificate   /usr/local/nginx/cert/2173934_zig.exile.cc.pem;
        ssl_certificate_key  /usr/local/nginx/cert/2173934_zig.exile.cc.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
		


		
        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

             access_log  /home/wwwlogs/zig.exile.cc.log;
	    }

此时这个配置文件访问https://zig.exile.cc 会出现下载文件的现象，网络上很多博客都说在nginx.conf文件中加入一段配置就好了，于是小编偷偷摸摸的加入如下配置文件:

location ~ .php?.*$ {
root /usr/local/nginx/html; # 设置网站根目录
fastcgi_pass 127.0.0.1:9000; # 此处是配置过程中最大的坑 稍后说明
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}

结果更坑，php_fm 压根没有在9000端口监听，压上那一段配置,nginx直接抛出502异常，小编直接懵了，最后小编查看php-fpm.conf的监听文件，才发现根本不是那么回事

最后修改后的nginx配置文件

server
{
listen 80;
#listen [::]:80;
server_name zig.exile.cc;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/zig.exile.cc;

    include rewrite/thinkphp.conf;
    #error_page   404   /404.html;

    # Deny access to PHP files in specific directory
    #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

    include enable-php-pathinfo.conf;

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }

    location ~ /.well-known {
        allow all;
    }

    location ~ /\.
    {
        deny all;
    }

    access_log  /home/wwwlogs/zig.exile.cc.log;
}
   	server
{
    listen 443;
    server_name zig.exile.cc;
    index index.html index.htm index.php default.html default.htm default.php;
    root  /home/wwwroot/zig.exile.cc;
    ssl on; 		ssl_certificate   /usr/local/nginx/cert/2173934_zig.exile.cc.pem;
    ssl_certificate_key  /usr/local/nginx/cert/2173934_zig.exile.cc.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on; 		include rewrite/thinkphp.conf;
    include enable-php-pathinfo.conf; 		if (!-e $request_filename) {
            rewrite ^(.*)$ /index.php$1 last;
   } 	location ~ \.php{
            fastcgi_pass unix:/tmp/php-cgi.sock;

            fastcgi_index index.php;

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

            include fastcgi_params;
    }

 
   
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }

    location ~ /.well-known {
        allow all;
    }

    location ~ /\.
    {
        deny all;
    }

         access_log  /home/wwwlogs/zig.exile.cc.log;
  }

重启nginx
访问https://zig.exile.cc
搞定