這採用兩階段設定
第一步先拿到80 port 然後轉 443
話不多說 直接看設定檔
server {
listen 80 ;
server_name example.shop;
# redirects both www and non-www to https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.shop;
#ssl 設定
ssl on;
#ssl 認證 ,憑證中心發給的crt檔
ssl_certificate /etc/nginx/ssl/example.shop.crt;
#產生ssl的認證前 所使用的private key
ssl_certificate_key /etc/nginx/ssl/example.shop.key;
root /var/www/public_html/;
index index.php index.html index.htm;
error_log /var/log/nginx/example.shop_error.log warn;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
fastcgi_read_timeout 3600;
fastcgi_pass php-fpm-sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}