Nginx+php+http/https服务器配置

最新推荐文章于 2021-04-05 10:20:59 发布

HyperDai

最新推荐文章于 2021-04-05 10:20:59 发布

阅读量4.3k

点赞数 1

CC 4.0 BY-SA版权

分类专栏：开发环境配置文章标签： nginx php https

本文链接：https://blog.youkuaiyun.com/deaidai/article/details/78861510

开发环境配置专栏收录该内容

14 篇文章

订阅专栏

本文介绍了在Ubuntu 16.04上使用Nginx和PHP配置HTTP/HTTPS服务器的步骤，包括SSL证书、SSL Key和CSR文件的处理，以及如何同时监听80和443端口并实现强制HTTP跳转到HTTPS。测试时间为2017-12-21。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

测试系统：ubantu 16.04
测试时间：2017-12-21

关于SSL证书说明

博主用的DV免费证书做的测试。

关于SSL Key 和 CSR 文件或PEM文件

一般SSL发行商会提供给大家key或者csr。
如果没有，可以自己生成，用OpenSSL。
.key是私钥

配置HTTPS

首先得进入nginx主机配置目录：/var/nginx/sites-enabled
**配置https和http有两种方式：

一种是两者共存
另一种是强制http跳转https

同时监听80和443端口

server {
    listen              80;#同时打开80和443端口
    listen              443 ssl;
    server_name         example.com;
    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
    #证书文件
    ssl_certificate     example.com.crt;
    #私钥文件
    ssl_certificate_key example.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    #php解析
    location ~ \.php$ {
                include snippets/fastcgi-php.conf;

        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
}

强制http跳转https

server {
        listen 80;
        server_name example.com;
        return 301 https://$server_name$request_uri;
}
server {
    listen 443 ssl;
    server_name example.com;
    ssl on;
    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
    ssl_certificate   example.com.curl;
    ssl_certificate_key  example.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;

        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /\.ht {
                deny all;
        }
        # deny .git access
        location ~ /\.git {
            deny all;
        }
}

参考：址一