一、Nginx
1,生成SSL证书
2,nginx配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
server { listen 81; listen 443 ssl; #同时支持http和https访问 server_name localhost; index index.html index.htm; default_type 'text/html'; charset utf-8; #ssl on; #配置到端口后面,这里不需要 ssl_certificate /root/www/ssl/ssl.crt; ssl_certificate_key /root/www/ssl/ssl.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; location / { proxy_pass http://127.0.0.1:8080; # 代理8080后端服务器 proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } |
http: http://www.xxx.com:81
https: https://www.xxx.com
3,注意开放防火墙的443端口
二、Apache
打开Apache 服务器中的httpd.conf 文件,打开SSL 模块LoadModule ssl_module modules/mod_ssl.so,并在ssl.conf文件里添加如下:
|
1 2 3 4 |
SSLCertificateFile /etc/httpd/conf/UserCert.cer SSLCertificateKeyFile /etc/httpd/conf/server.key SSLCertificateChainFile /etc/httpd/conf/sheca.cer SSLCACertificateFile /etc/httpd/conf/root.cer |
