1. First, locate the SSL certificate products
2. Buy SSL Certificates
3. After successful purchase, came to console certificate, apply for a certificate and verify submitted for review
4. After successful authentication certificate can download the installation package in the console, download needed, I use Nginx.
New cert directory 5. Install decompression, installation to the server's directory nginx
6. Add the security group in Ali cloud console (because of the need 443 ports), select the configuration rules add the security group
7. Modify nginx configuration file
# 以下属性中以ssl开头的属性代表与证书配置有关,其他属性请根据自己的需要进行配置。
server {
listen 443 ssl; #SSL协议访问端口号为443。此处如未添加ssl,可能会造成Nginx无法启动。
server_name localhost; #将localhost修改为您证书绑定的域名,例如:www.example.com。
root html; #nginx的安装目录
index index.html index.htm;
ssl_certificate cert/domain name.pem; #将domain name.pem替换成您证书的文件名。
ssl_certificate_key cert/domain name.key; #将domain name.key替换成您证书的密钥文件名。
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。
ssl_prefer_server_ciphers on;
location / {
root html; #站点目录。
index index.html index.htm;
}
}8. Restart nginx service
nginx -s reload
9. Enter https://www.xxx.com browser can be opened.
