The contents of the certificate compressed folder are as follows (the domain name of baidu.com is used as an example here):
baidu.com_bundle. crt certificate file
baidu.com_bundle.pem certificate file (you can ignore this file)
baidu.com.key private key file
baidu.com.csr CSR file
Copy the obtainedbaidu.com_bundle.crtCertificate file andbaidu.com.keyprivate key file are copied from the local directory to theconfdirectory under the Nginx root directory
Edit theconf/nginx.conffile in the Nginx root directory. The modifications are as follows:
# HTTPS server # server { #SSL 默认访问端口号为 443 listen 443 ssl; #请填写绑定证书的域名 server_name baidu.com www.baidu.com; #请填写证书文件的相对路径或绝对路径 ssl_certificate baidu.com_bundle.crt; #请填写私钥文件的相对路径或绝对路径 ssl_certificate_key baidu.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; #请按照以下协议配置 ssl_protocols TLSv1.2 TLSv1.3; #请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { #网站主页路径。此路径仅供参考,具体请您按照实际目录操作。 #root html; proxy_pass http://127.0.0.1:8080; index index.html index.htm; } }
HTTP automatic jump to HTTPS security configuration (optional)
server { listen 80; #请填写绑定证书的域名 server_name baidu.com www.baidu.com; #把http的域名请求转成https return 301 https://$host$request_uri; }
Start the cmd command line in the Nginx root directory
1. Test whether the Nginx configuration is correct
nginx -t
Graceful restart
nginx -s reload
The above is the detailed content of How to install and deploy Nginx server SSL certificate in Windows environment. For more information, please follow other related articles on the PHP Chinese website!