首先,nginx 单ip多域名的ssl配置,参考地址是
另外,利用 脚本可以比较方便的使用 lets-encrypt 提供的免费ssl,
https://github.com/xdtianyu/scripts/tree/master/lets-encrypt
一个配置文件的例子 letsencrypt.conf-myssl
ACCOUNT_KEY=”letsencrypt-account.key”
DOMAIN_KEY=”/www/ssl/myssldomain.com.key”
DOMAIN_DIR=” /www/myssldomain”
DOMAINS=”DNS:myssldomain.com,DNS:www.myssldomain.com”
方法就是配置 conf文件,然后运行就好了,
letsencrypt.sh letsencrypt.conf-myssl
上面脚本就能自动帮你做注册和生成key的动作。后面只需要修改nginx的配置文件即可
nginx的配置文件,这样写
server
{
listen 80;
listen 443;
if ($scheme = http) {return 301 https://$server_name$request_uri;}
server_name www.myssldomain.com myssldomain.com;
root /www/myssldomain/;
index index.php index.html;
include php.conf;
ssl on;
ssl_certificate “/www/ssl/myssldomain.chained.crt”;
### 注意这里,最好用chained.crt 容易被多数浏览器支持
ssl_certificate_key “/www/ssl/myssldomain.com.key”;
}