1.申请SSL证书
登陆阿里云 搜索SSL证书
点击SSL证书,选择免费证书,然后选择立即购买,这个是免费的
购买完毕后点击创建证书,然后点击证书申请
没有安装Docker的自行安装
拉取Docker的Nginx镜像
#拉取镜像
docker pull nginx:latest
#启动并挂载目录
docker run --detach \
--name docker_nginx \
-p 443:443\
-p 80:80 \
-v /etc/local/nginx/data:/usr/share/nginx/html:rw\
-v /etc/local/surrounding/nginx/config/nginx.conf:/etc/nginx/nginx.conf/:rw\
-v /etc/local/surrounding/nginx/config/conf.d/default.conf:/etc/nginx/conf.d/default.conf:rw\
-v /etc/local/surrounding/nginx/logs:/var/log/nginx/:rw\
-v /etc/local/surrounding/nginx/ssl:/ssl/:rw\
-d nginx
下载刚才的申请的证书到ssl目录
events {
worker_connections 1024; ## Default: 1024
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
#80端口转443端口
server {
listen 80;
server_name 你的域名;
rewrite ^(.*)$ https://你的域名;
}
server {
# listen 80;
listen 443 ssl;
server_name localhost;
#你刚才上传的证书
ssl_certificate /ssl/xxx.pem;
ssl_certificate_key /ssl/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://你的域名 IP:端口;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /etc/nginx/conf.d/*.conf;
}
最后重启Nginx
docker restart docker_nginx;
模糊的地方
感觉https后访问有点慢
不知道nginx配置里要配置什么压缩什么的