{"id":338,"date":"2020-12-23T20:45:29","date_gmt":"2020-12-23T12:45:29","guid":{"rendered":"http:\/\/www.heliang.net.cn\/?p=338"},"modified":"2020-12-23T20:45:29","modified_gmt":"2020-12-23T12:45:29","slug":"nginx%e9%85%8d%e7%bd%aessl%e4%b9%8b%e5%90%8e%e8%ae%bf%e9%97%aephp%e5%8f%98%e6%88%90%e4%b8%8b%e8%bd%bd%e8%a7%a3%e5%86%b3","status":"publish","type":"post","link":"https:\/\/www.heliang.net.cn\/?p=338","title":{"rendered":"Nginx\u914d\u7f6eSSL\u4e4b\u540e\u8bbf\u95eePHP\u53d8\u6210\u4e0b\u8f7d\u89e3\u51b3"},"content":{"rendered":"<p>\u4eca\u5929\u7ed9\u535a\u5ba2\u6dfb\u52a0\u963f\u91cc\u7684\u514d\u8d39SSL\u8bc1\u4e66\u7684\u65f6\u5019\uff0c\u9700\u8981\u4fee\u6539nginx.conf\u6587\u4ef6\uff0c\u64cd\u4f5c\u5982\u4e0b\uff1a<\/p>\n<ol>\n<li>\u627e\u5230nginx\u76ee\u524d\u542f\u52a8\u7528\u5230\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u5728\/etc\/init.d\/nginx\u91cc\u9762\u53ef\u4ee5\u770b\u5230\u914d\u7f6e\u6587\u4ef6\u6240\u5728\u7684\u8def\u5f84\u3002\u6bd4\u5982\u201c<em>CONFIG=&#8217;\/usr\/local\/nginx\/conf\/nginx.conf<\/em>&#8216;\u201d<\/li>\n<li>\u5907\u4efd\u4e00\u4e0b\u914d\u7f6e\u6587\u4ef6\u5c31\u5f00\u59cb\u4fee\u6539\u5427<\/li>\n<li><em>vi nginx.conf<\/em><\/li>\n<li>\u5f00\u59cb\u7684\u65f6\u5019\u914d\u7f6e\u6587\u4ef6\u6dfb\u52a0server\u6bb5\u843d\u7ed9https\uff0c<strong><span style=\"color: #ff0000;\">\u6f0f\u4e86\u201c include enable-php.conf;\u201d<\/span><\/strong>\uff0c\u5bfc\u81f4\u8bbf\u95ee\u7684\u65f6\u5019\u9875\u9762\u76f4\u63a5\u4e0b\u8f7d\u3002<\/li>\n<li>\u53c2\u8003\u914d\u7f6e\u4fe1\u606f\u5982\u4e0b\u3002<\/li>\n<\/ol>\n<blockquote>\n<pre><br \/>server {<br \/>        listen       443 ssl;<br \/>        listen       [::]:443 ssl;<br \/>        server_name  www.heliang.net.cn heliang.net.cn;<br \/>        index index.html index.htm index.php;<br \/>        root  \/home\/wwwroot\/default;<br \/><br \/>        ssl_certificate \"\/home\/wwwroot\/ssl\/heliang.net.cn.pem\";<br \/>        ssl_certificate_key \"\/home\/wwwroot\/ssl\/heliang.net.cn.key\";<br \/>        ssl_protocols TLSv1.2 TLSv1.3;<br \/>        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;<br \/>        ssl_ecdh_curve secp384r1;<br \/>        ssl_session_cache shared:SSL:1m;<br \/>        ssl_session_timeout  10m;<br \/>#        ssl_ciphers PROFILE=SYSTEM;<br \/>        ssl_prefer_server_ciphers on;<br \/>        ssl_session_tickets off;<br \/>        keepalive_timeout 70;<br \/><br \/>        # Load configuration files for the default server block.<br \/>        include \/etc\/nginx\/default.d\/*.conf;<br \/><br \/>        error_page 404 \/404.html;<br \/>            location = \/40x.html {<br \/>        }<br \/><br \/>        error_page 500 502 503 504 \/50x.html;<br \/>            location = \/50x.html {<br \/>        }<br \/><br \/>        include enable-php.conf;<br \/><br \/>        location \/nginx_status<br \/>        {<br \/>            stub_status on;<br \/>            access_log   off;<br \/>        }<br \/><br \/>        location ~ .*\\.(gif|jpg|jpeg|png|bmp|swf)$<br \/>        {<br \/>            expires      30d;<br \/>        }<br \/><br \/>        location ~ .*\\.(js|css)?$<br \/>        {<br \/>            expires      12h;<br \/>        }<br \/><br \/>        location ~ \/.well-known {<br \/>            allow all;<br \/>        }<br \/><br \/>        location ~ \/\\.<br \/>        {<br \/>            deny all;<br \/>        }<br \/><br \/>        access_log  \/home\/wwwlogs\/access.log;<br \/>    }<\/pre>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4eca\u5929\u7ed9\u535a\u5ba2\u6dfb\u52a0\u963f\u91cc\u7684\u514d\u8d39SSL\u8bc1\u4e66\u7684\u65f6\u5019\uff0c\u9700\u8981\u4fee\u6539nginx.conf\u6587\u4ef6\uff0c\u64cd\u4f5c\u5982\u4e0b\uff1a \u627e\u5230nginx\u76ee\u524d\u542f\u52a8 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1,6],"tags":[21,22,20,19],"_links":{"self":[{"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/338"}],"collection":[{"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=338"}],"version-history":[{"count":1,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/338\/revisions"}],"predecessor-version":[{"id":339,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/338\/revisions\/339"}],"wp:attachment":[{"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.heliang.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}