SSL证书,用于加密HTTP协议,也就是HTTPS。随着淘宝、百度等网站纷纷实现全站Https加密访问,搜索引擎对于Https更加友好,加上互联网上越来越多的人重视隐私安全,站长们给网站添加SSL证书似乎成为了一种趋势。
免费ssl证书申请:
网站名称 | 网址 | 是否推荐 |
Let's Encrypt | https://www.mianfeissl.com/ | 推荐 |
StartSSL | https://www.startcomca.com | |
COMODO PositiveSSL | https://www.sslchaoshi.com/ssl/brand/5 | |
CloudFlare SSL | https://www.cloudflare.com/ssl/ | |
腾讯云DV SSL 证书 | https://cloud.tencent.com/product/ssl | 推荐 |
阿里云DV SSL证书 | https://common-buy.aliyun.com/?commodityCode=cas | 推荐 |
百度云加速免费SSL | https://console.bce.baidu.com/cas/ |
配置文件:
server{ listen 80; server_name www.xxx.com; add_header Strict-Transport-Security max-age=15768000; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name www.xxx.com; #配置证书的路径 ssl_certificate 3083697_www.xxx.com.pem; ssl_certificate_key 3083697_www.xxx.com.key; #ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { #配置转发到8080端口 proxy_pass http://127.0.0.1:8080; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; } } }
微信扫码关注DEMO程序园公众号