nginx https修改默认端口 443

2020年5月9日

测试环境概述

   Debian 9  Nginx

注意 阿里云的机器不支持 https 非 443 端口的配置;

 

配置ssl 证书之前先准备好域名证书相关信息(手动申请证书) Or acme 结合阿里云解析或cloudflare DNS申请证书

  1. server {
  2.         listen  8000 ssl http2;
  3.         server_name www.domain.com;
  4.         set $root_path '/home/webapps/website/www.domain.com';
  5.         root $root_path;
  6.         index index.html;
  7.         access_log /var/log/nginx/www.domain.com-access.log;
  8.         error_log /var/log/nginx/www.domain.com-error.log;
  9.         #####   跳转
  10.         #if ($server_port !~ 8000){
  11.                   rewrite ^(/.*)$ https://$host$1 permanent;
  12.         #}
  13.         #ssl on;
  14.         ssl_certificate /root/.acme.sh/www.domain.com/fullchain.cer;
  15.         ssl_certificate_key /root/.acme.sh/www.domain.com/www.domain.com.key;
  16.         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  17.         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
  18.         ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
  19.         ssl_prefer_server_ciphers on;
  20.         #ssl_verify_client on;
  21.         error_page 497  https://$host:$server_port$request_uri;
  22.         location / {
  23.             try_files $uri $uri/ @router;
  24.             index index.html;
  25.         }
  26.         location @405{
  27.             root  /opt/htdocs;
  28.         }
  29.         error_page 500 502 503 504 /50x.html;
  30.             location = /50x.html {
  31.             root html;
  32.         }
  33.         location @router {
  34.             rewrite ^.*$ /index.html last;
  35.         }
  36. }

没有评论

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注