申请SSL证书需要的CSR文件
https://www.chinassl.net/ssltools/generator-csr.html
填写相关信息生成两个文件
csr文件用来申请ssl证书,key文件用于nginx中使用
申请证书
https://cheapsslsecurity.com/
申请的证书目录如下:
1
2
3
4
| DigiCertCA.crt
My_CA_Bundle.crt
star_aimmcloud_com.crt
TrustedRoot.crt
|
将domain_name.crt 和 DigCertCA.crt写入bundle.crt
1
| cat your_domain_name.crt DigiCertCA.crt >> bundle.crt
|
此处应为
1
| cat star_aimmcloud_com.crt DigiCertCA.crt >> bundle.crt
|
nginx的配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/your_domain_name.pem; (or bundle.crt)
ssl_certificate_key /etc/ssl/your_domain_name.key;
server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}
|