申请第三方权威认证机构(如CA,Symantec,GeoTrust,CFCA)签发的SSL数字证书,实现网站HTTPS访问
证书文件:
app.yezhou.cc.jks
app.yezhou.cc.key
app.yezhou.cc.pem
app.yezhou.cc.pfx虚拟主机配置:
server {
listen 80;
listen 443 ssl;
server_name app.yezhou.cc;
index index.html index.htm index.php;
root /data/www/app;
server_name_in_redirect off;
location ~ .+\.php($|/)
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#伪静态及日志
#include /data/server/nginx/conf/rewrite/app.conf;
error_log /data/www/logs/app-error.log;
access_log /data/www/logs/app-access.log;
ssl on;
ssl_certificate /data/ssl/app/app.yezhou.cc.pem;
ssl_certificate_key /data/ssl/app/app.yezhou.cc.key;
ssl_session_timeout 5m;
}