First go to Alibaba Cloud to apply for a certificate, here it says to buy, pay 0 yuan,
Select the free DV certificate to purchase, and then you can see that there is an empty certificate in the certificate list, and you can complete the information.
Next enter personal information
CSR will be required below, generally choose system generation
Submit the review after completion, the review here is to verify whether the URL is your own
Click on the progress and the verification item will pop up, copy the txt value inside, and parse one at the place where the domain name is resolved.
Enter a host name with the same prefix as your own domain name, the type is txt, and the parameter value is the record value given in it. After parsing, you can refresh the audit page, and the SSL certificate will be generated soon. At most 10 Minutes (if there is no accident, I haven't encountered a particularly slow resolution for the time being, it is recommended to choose the domain name of Wanwang)
Then select download to see
Alibaba Cloud's certificates are relatively complete, but we use Nginx as an example here. The downloaded file contains a pem and a key file. The same configuration is placed in Nginx, which is probably similar to Tencent's, but the writing method is changed, but it is put here. I replaced the certificate file with cert to avoid conflicts with Tencent
server {
listen 443;
server_name image.wertp.cn;
ssl on;
root html;
index index.html index.htm;
ssl_certificate /usr/local/nginx/conf/cert/image.wertp.cn.pem;
ssl_certificate_key /usr/local/nginx/conf/cert/image.wertp.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256: ECDHE: ECDH: AES: HIGH:! NULL:! aNULL:! MD5:! ADH:! RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /data/wwwroot/image.wertp.cn/public;
index index.PHP index.html index.htm;
if (!-e $request_filename){
rewrite ^/(.*)$ /index.php?s=$1 last;
}
#(thinkphp rewrite route rewrite mode add this paragraph, otherwise it is normal mode)
}
location ~ \.php$ {
root /data/wwwroot/image.wertp.cn/public;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
fastcgi_param HTTPS on;
include fastcgi.conf;
}
# (Compatible with php to add this paragraph)
}
In this way, the whole is successful, if there are any problems, just the following questions
1 Path configuration of certificate and path configuration of domain name
2 The configuration code is a little bit like a bracket or semicolon
3 There is no certificate file
Apart from these, I haven't encountered other bugs for the time being. If there are any, welcome to communicate