文章来源:http://my.oschina.net/rain21/blog/472423
这里用到的是沃通wosign的免费数字证书
第一步:将下载的证书文件for Nginx.zip中的
1_ssl.zy62.com_bundle.crt 和 2_ssl.zy62.com.key 上传到root目录下,并将其改名为 ssl.crt和ssl.key
第二步:
openssl rsa -in ssl.key -out /root/ssl.key
chmod 600 /root/ssl.key
第三步:修改vhost配置
server
{
listen 80;
listen 443 ssl;
#listen [::]:80;
ssl on;
ssl_certificate /root/ssl.crt;
ssl_certificate_key /root/ssl.key;
server_name ssl.zy62.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/ssl.zy62.com;
include none.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log /home/wwwlogs/ssl.zy62.com.log access;
}
最后 lnmp restart 重启就好了
原文:http://my.oschina.net/rain21/blog/472423