免费CA认证详细流程
发布 December 11, 2023 • 1 分钟 • 117 字
Table of contents
Nginx配置
nginx.conf配置
server {
listen 80;
listen [::]:80;
server_name www.domain.com domain.com;
return 301 https://$server_name$request_uri;
}
# HTTPS服务器
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name www.domain.com domain.com;
# 网站根目录
root /usr/share/nginx/domain;
index index.html index.htm;
# SSL
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers PROFILE=SYSTEM;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
proxy_ssl_server_name on;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Nginx验证配置正确性
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf **test is successful
Nginx加载新增配置
systemctl reload nginx
DNS配置及验证
DNS配置
在DNS厂商DNS配置服务里配置 www.domain.com 到服务器IP地址解析
验证域名访问
- 浏览器访问域名 www.domain.com
-
- 可正常访问站点
-
- 浏览器显示站点不安全
免费CA证书申请
安装certbot
yum install certbot
自动安装证书
certbot --nginx
验证安装结果
