需要nginx开启http_ssl_module模块,基本上默认都开启
配置很简单直接上配置
server {
listen 80 default_server;
listen [::]:80 default_server;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name default_server;
#ssl证书的pem文件路径
ssl_certificate /etc/letsencrypt/live/xxx.com/fullchain.pem;
#ssl证书的key文件路径
ssl_certificate_key /etc/letsencrypt/live/xxx.com/privkey.pem;
#ssl根证路径
ssl_trusted_certificate /etc/letsencrypt/live/xxx.com/chain.pem;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
location / {
#;
}
}
获取https证书,可参见
给网站创建自己的https证书