Docker+nginx配置阿里云免费版Https
2018-08-23 本文已影响0人
Chting
-
到阿里云申请免费的云盾证书
到阿里云控制台,进入产品,云盾管理,证书服务
按照上图的选择勾选品牌和产品 ,不然不好找到这个免费版
- 配置nginx服务增加443端口
server {
listen 443;
ssl on;
server_name youname;
root /var/www/html;
index index.php index.html index.htm;
##ssl 证书地址阿里云下载下来的
ssl_certificate /etc/nginx/cert/214929000540967.pem;
ssl_certificate_key /etc/nginx/cert/214929000540967.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.php$is_args$args;
##配置可写
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php?s=$1 last;
}
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_connect_timeout 300;
fastcgi_read_timeout 300;
fastcgi_send_timeout 300;
fastcgi_buffers 8 128k;
fastcgi_buffer_size 256k;
set $path_info "";
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
- 配置docker
我用的dockerfile,nginx下增加cert目录,然后映射本地目录和doker的nginx路径
yml文件里面增加
volumes:
- ./nginx/cert/:/etc/nginx/cert
别忘了给docker环境增加443端口
重启用https测试一下就行,
