一.
到阿里云云盾证书服务申请免费SSL证书:
https://common-buy.aliyun.com/?spm=5176.7968328.231195.1.7FheST&commodityCode=cas#/buy
二.
下载证书解压到nginx安装目录下,如:nginx/cert/h5_wx,将******.pem和*****.key放到该目录下。
三.
修改nginx.conf 的server部分如下:
server {
listen 443;
server_name wx.51ishare.com;
charset utf-8;
access_log /data/docker-volume/mall-mobile-h5_wx/logs/api.ishare.access.log main;
ssl on;
ssl_certificate cert/h5_wx/213995223060231.pem;
ssl_certificate_key cert/h5_wx/213995223060231.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:1029;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
四.
测试conf:nginx -t,
重启nginx:nginx -s reload