SSL certificate configuration of nginx domain name (upgrade website HTTP to HTTPS)

zyqok 2020-11-13 10:17:29
ssl certificate configuration nginx domain


Preface

HTTP and HTTPS

In our daily life , Common web sites are roughly divided into 2 Kind of :

One is based on http agreement , Such as :http://www.baidu.com

One is based on https agreement , Such as :https://www.baidu.com

Now many websites are for security reasons , Will access the domain name of the website from http Has been upgraded to https, If you don't know http and https The concept of , Take a look at the following article :HTTP and HTTPS What's the difference

SSL certificate

So how do we http Upgrade to https Well ?

We're going to upgrade http by https, First you need a SSL certificate . SSL You can think of it as an undergraduate diploma , I have this undergraduate diploma , It will prove that you are an undergraduate , Can go to apply for undergraduate recruitment threshold . Of course , Certificates can be issued by different institutions , For example, Tsinghua University undergraduate diploma and ordinary three colleges undergraduate diploma , The gold content of the two must be different .SSL The same goes for certificates , There are also different issuing agencies .

Configuration mode

When you have domain names and SSL After certificate , We can upgrade the domain address to https 了 , We usually do it in Nginx Configure domain name in SSL certificate .

The specific process

Start visiting

(1) Now I use my own website , My personal site configuration SSL certificate , Upgrade my website to SSL.

I visit a picture on my website ( http://www.zyqok.cn/fj.jpg ), This is a http visit .
 Insert picture description here
(2) Then we changed it to https visit , Discovery is not accessible .
 Insert picture description here
Let's start , Change the website to https Request access to .

Server installation Nginx

First , We need to install it on the server Nginx Environmental Science , If your server already has Nginx 了 , So this step can be skipped , If not installed Nginx, You may refer to it

obtain SSL certificate

Because my server was purchased by alicloud , So Ali will give some free SSL certificate , Here's how to get it from alicloud SSL The certificate process is described .
If you are not an alicloud customer , So this step can be skipped , And then self Baidu “SSL certificate ” Buy from related manufacturers , Or Baidu “ free SSL certificate ” .

(1) Log in to alicloud , And then find 【SSL certificate 】 One column , Click on ( Because I've already turned it on , So your position may be different from mine , Go to the panel and look for ).
 Insert picture description here
(2) Come to this panel , Click on 【 Purchase certificate 】.
 Insert picture description here
(3) Choose free , Then buy
 Insert picture description here
(4) When you've finished your purchase , A corresponding record will appear on the page , And then click 【 The certificate application 】.
 Insert picture description here
(5) Then write the domain name you need to upgrade , For example, I want to put my personal website http://www.zyqok.cn Upgrade to https://www.zyqok.cn
Then fill in the domain name at this time zyqok.cn, Then fill in the other information , Click next , Then the certificate will be submitted to it , Enter audit status .
 Insert picture description here
(6) When your application is approved , You can download your SSL Certificate , Let's click in the lower right corner 【 download 】
 Insert picture description here
(7) Continue to choose Nginx hinder 【 download 】
 Insert picture description here
(8) When the download is complete , We can get one SSL Certificate compression package
 Insert picture description here

Upload SSL Certificate to server

(1) Let's decompress the certificate package first , Then you can get the following two files .
 Insert picture description here
(2) We will pass these two documents through FTP Tools , Upload to server , And put it on Nginx The configuration file is located in the same level directory .
 Insert picture description here

Modify the configuration and restart

(1) Open your Nginx.conf The configuration file , Then put your 443 and 80 Port of server Information configuration is as follows :
For more detailed steps, you can view alicloud's documents :Nginx/Tengine Server installation SSL certificate

# Direct access https 
server
{

charset utf8;
listen 443;
root /opt/local;
server_name www.zyqok.cn;
ssl on;
ssl_certificate 3067072_zyqok.cn.pem;
ssl_certificate_key 3067072_zyqok.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
}
# http Jump https
server
{

listen 80;
server_name zyqok.cn;
rewrite ^/(.*) https://www.zyqok.cn permanent;
}

(2) Notice that the contents of the blue box are your domain name and SSL Certificate related documents .
 Insert picture description here
(3) Then restart your Nginx service

Get into nginx Of sbin Under the table of contents , Enter the following command , restart nginx service

./nginx -s reload

 Insert picture description here
(4) If it's an alicloud server , Don't forget to open 80 Port and 443 port , Otherwise I can't visit

You can refer to this article if you will not configure it : Alicloud security rule configuration

 Insert picture description here

Revisit

(1) direct https Visit (443 port ), As you can see, yes OK Of
 Insert picture description here
(2) then http visit (80 port ), He will automatically jump to https, It's also OK Of .
 Insert picture description here
thus , You have learned SSL Certificate configuration ! Thank you for reading !

版权声明
本文为[zyqok]所创,转载请带上原文链接,感谢

  1. [front end -- JavaScript] knowledge point (IV) -- memory leakage in the project (I)
  2. This mechanism in JS
  3. Vue 3.0 source code learning 1 --- rendering process of components
  4. Learning the realization of canvas and simple drawing
  5. gin里获取http请求过来的参数
  6. vue3的新特性
  7. Get the parameters from HTTP request in gin
  8. New features of vue3
  9. vue-cli 引入腾讯地图(最新 api,rocketmq原理面试
  10. Vue 学习笔记(3,免费Java高级工程师学习资源
  11. Vue 学习笔记(2,Java编程视频教程
  12. Vue cli introduces Tencent maps (the latest API, rocketmq)
  13. Vue learning notes (3, free Java senior engineer learning resources)
  14. Vue learning notes (2, Java programming video tutorial)
  15. 【Vue】—props属性
  16. 【Vue】—创建组件
  17. [Vue] - props attribute
  18. [Vue] - create component
  19. 浅谈vue响应式原理及发布订阅模式和观察者模式
  20. On Vue responsive principle, publish subscribe mode and observer mode
  21. 浅谈vue响应式原理及发布订阅模式和观察者模式
  22. On Vue responsive principle, publish subscribe mode and observer mode
  23. Xiaobai can understand it. It only takes 4 steps to solve the problem of Vue keep alive cache component
  24. Publish, subscribe and observer of design patterns
  25. Summary of common content added in ES6 + (II)
  26. No.8 Vue element admin learning (III) vuex learning and login method analysis
  27. Write a mini webpack project construction tool
  28. Shopping cart (front-end static page preparation)
  29. Introduction to the fluent platform
  30. Webpack5 cache
  31. The difference between drop-down box select option and datalist
  32. CSS review (III)
  33. Node.js学习笔记【七】
  34. Node.js learning notes [VII]
  35. Vue Router根据后台数据加载不同的组件(思考->实现->不止于实现)
  36. Vue router loads different components according to background data (thinking - & gt; Implementation - & gt; (more than implementation)
  37. 【JQuery框架,Java编程教程视频下载
  38. [jQuery framework, Java programming tutorial video download
  39. Vue Router根据后台数据加载不同的组件(思考->实现->不止于实现)
  40. Vue router loads different components according to background data (thinking - & gt; Implementation - & gt; (more than implementation)
  41. 【Vue,阿里P8大佬亲自教你
  42. 【Vue基础知识总结 5,字节跳动算法工程师面试经验
  43. [Vue, Ali P8 teaches you personally
  44. [Vue basic knowledge summary 5. Interview experience of byte beating Algorithm Engineer
  45. 【问题记录】- 谷歌浏览器 Html生成PDF
  46. [problem record] - PDF generated by Google browser HTML
  47. 【问题记录】- 谷歌浏览器 Html生成PDF
  48. [problem record] - PDF generated by Google browser HTML
  49. 【JavaScript】查漏补缺 —数组中reduce()方法
  50. [JavaScript] leak checking and defect filling - reduce() method in array
  51. 【重识 HTML (3),350道Java面试真题分享
  52. 【重识 HTML (2),Java并发编程必会的多线程你竟然还不会
  53. 【重识 HTML (1),二本Java小菜鸟4面字节跳动被秒成渣渣
  54. [re recognize HTML (3) and share 350 real Java interview questions
  55. [re recognize HTML (2). Multithreading is a must for Java Concurrent Programming. How dare you not
  56. [re recognize HTML (1), two Java rookies' 4-sided bytes beat and become slag in seconds
  57. 【重识 HTML ,nginx面试题阿里
  58. 【重识 HTML (4),ELK原来这么简单
  59. [re recognize HTML, nginx interview questions]
  60. [re recognize HTML (4). Elk is so simple