1. Download the ssl certificate corresponding to the domain name in the domain name management.
2. Install the certificate
File Description:
1. The certificate file 1524033480643.pem contains two paragraphs, please do not delete any paragraph.
2. If the CSR is created by the certificate system, it also includes: certificate private key file 1524033480643.key.
(1) Create a cert directory in the Nginx installation directory, and copy all the downloaded files to the cert directory. If you created a CSR file yourself when applying for a certificate, please put the corresponding private key file in the cert directory and name it 1524033480643.key;
(2) Open the nginx.conf file in the conf directory under the Nginx installation directory and find:
# HTTPS server # #server { # listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; # ssl_prefer_server_ciphers on; # location / { # # #} #}
( 3 ) Modify it as (in the following attributes, the attributes at the beginning of ssl are directly related to the certificate configuration, please copy or adjust other attributes according to your actual situation):
server { listen 443; server_name localhost; ssl on; root html; index index.html index.htm; ssl_certificate cert/1524033480643.pem; ssl_certificate_key cert/1524033480643.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256: ECDHE: ECDH: AES: HIGH:! NULL:! aNULL:! MD5:! ADH:! RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
Save and exit.