Obtain a server certificate file
Download good archive and extract nignx format certificate server.crt
- Install a server certificate copy server.key, server.crt file to the conf directory under Nginx installation directory.
Open the file nginx.conf conf directory Nginx installation directory
Find # HTTPS server
#
#server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MED IUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}****
#}
Be amended to
server { listen 443;
server_name localhost;
ssl on; ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH: AESGCM: HIGH:! RC4:! DH:! MD5:! Anull:! eNULL;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
Save and exit, and restart Nginx. Access to configure your installation site, test site https certificate by the way.
This article published by the SSL shield small series finishing [ www.ssldun.com ] Site Security Shield