Study the certificate installation this afternoon
Certificates are configured under apache and nginx respectively
Record it, I hope it will be helpful for the children's shoes to install the certificate
Apache
applied for a DV certificate. After filling out the application materials, it pointed to the domain name TXT, and received the certificate email soon. Divided into three parts, I think three parts, one is the
first step, open port 443 of the server firewall
Next start the configuration
httpd.conf
LoadModule socache_shmcb_module modules / mod_socache_shmcb.so
Open, remove the preceding #
httpd-ssl.conf
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/alidata/www/huaqimedia"
ServerName huaqimedia.com:443
SSLCertificateFile "/alidata/www/huaqimedia/ssl/huaqimedia.crt"
SSLCertificateKeyFile "/alidata/www/huaqimedia/ssl/huaqimedia.key"
SSLCertificateChainFile "/alidata/www/huaqimedia/ssl/ca.crt"
保存好,重启apache
service httpd restart
complete
You can access it with https://
nginx
After application
configure
server {
listen 443;
server_name car.huaqimedia.com;
access_log /alidata/log/nginx/access/car.huaqimedia.com.log;
error_log /alidata/log/nginx/access/car.huaqimedia.com.error.log;
ssl on;
root html;
index index.html index.htm;
ssl_certificate /路径/cert/214596358230204.pem;
ssl_certificate_key /路径/cert/214596358230204.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /alidata/www/car.huaqimedia.com/;
index index.html index.htm index.php;
}
if ( !-e $request_filename ) {
rewrite ^(.*)\.php(.*)$ $1.php?s=$2 last;
break;
}
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /alidata/www/car.huaqimedia.com/$fastcgi_script_name;
include fastcgi_params;
}
}
重启service nginx restart
完成