1.申请SSL证书

登陆阿里云 搜索SSL证书

image-1651214988804

点击SSL证书,选择免费证书,然后选择立即购买,这个是免费的

image-1651215180440

购买完毕后点击创建证书,然后点击证书申请

image-1651216095484

没有安装Docker的自行安装
拉取Docker的Nginx镜像

#拉取镜像
docker pull nginx:latest

#启动并挂载目录
docker run --detach \
        --name docker_nginx \
        -p 443:443\
        -p 80:80 \
        -v /etc/local/nginx/data:/usr/share/nginx/html:rw\
        -v /etc/local/surrounding/nginx/config/nginx.conf:/etc/nginx/nginx.conf/:rw\
        -v /etc/local/surrounding/nginx/config/conf.d/default.conf:/etc/nginx/conf.d/default.conf:rw\
        -v /etc/local/surrounding/nginx/logs:/var/log/nginx/:rw\
        -v /etc/local/surrounding/nginx/ssl:/ssl/:rw\
        -d nginx

下载刚才的申请的证书到ssl目录

events {
  worker_connections  1024;  ## Default: 1024
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    
    keepalive_timeout  65;
	
	#80端口转443端口
    server {
        listen       80;
        server_name  你的域名;
		rewrite ^(.*)$ https://你的域名;	
}

    server {
       # listen       80;
        listen       443 ssl;
        server_name  localhost;

		#你刚才上传的证书
		ssl_certificate /ssl/xxx.pem;
        ssl_certificate_key /ssl/xxx.key;

		ssl_session_cache    shared:SSL:1m;
       	ssl_session_timeout  5m;

		ssl_protocols  SSLv2 SSLv3 TLSv1.2;
	
		ssl_ciphers  HIGH:!aNULL:!MD5;
		ssl_prefer_server_ciphers  on;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

	location / {
	    proxy_http_version  1.1;
	    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	    proxy_set_header    X-Real-IP $remote_addr;
	    proxy_pass    http://你的域名 IP:端口;
       }

	 

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    }

    include /etc/nginx/conf.d/*.conf;
}

最后重启Nginx

docker restart docker_nginx;

模糊的地方
感觉https后访问有点慢
不知道nginx配置里要配置什么压缩什么的