sae小站部署https ssl nginx遇到的问题 301

其实主要是301重定向的问题

特别注意 修改了nginx配置后,如果需要测试301重定向或者https的功能,用360浏览器,每次重启nignx之前把上网痕迹清理掉

 

###############################################################################################

https://www.west.cn/faq/list.asp?Unid=1406

西部数码的证书 

Nginx 部署SSL证书 (特别注意下面加红内容,需要先合并.crt、.cer文件)

        a.  查看nginx是否开启ssl

        执行命令: nginx安装目录/sbin/nginx -V, 查看命令结果中是否包含"--with-http_ssl_module",否则请先安装ssl模块

        b.  配置证书到对应的站点

        编辑站点对应的站点配置文件,新增或修改如下内容

        server {

            listen          443 ssl;                                             #将原来的80 修改为443

            ...

            root /www/web/xxxx/public_html;

            ssl_certificate        证书文件路径/_www.domain.com.crt;          #需将_www.domain.com.cer  中的内容复制到这个文件头部,中间不要有空行

            ssl_certificate_key 证书文件路径/_www.domain.com.key;         #证书密钥文件

            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

            ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL;

            ...

        }

##################################################################################################

 

下面是一个能用的配置,http和https都可以用的配置

##################################################################################################

server {
listen 80;
server_name www.163py.com 163py.com;
if ($host != 'www.163py.com'){
rewrite ^/(.*)$ http://www.163py.com/$1 permanent;
}
#if ($scheme = http ) {
# rewrite ^(.*)$ https://$host$1 permanent;
#}
client_max_body_size 10m;

access_log /var/log/nginx/access_yly.log;
error_log /var/log/nginx/error_yly.log;
#server_name somename alias another.alias;


location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:9090;
}

location ^~ /media {
alias /home/sy/workspace/yuanxiao/1/stock/media;
}

location ^~ /static {
alias /home/sy/workspace/yuanxiao/1/stock/static;
}

#location ^~ /.well-known/pki-validation {
# alias /home/sy/ca;
#}

location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mov) {
access_log off;
expires 30d;
}

}

 

server {
listen 443 ssl;
server_name www.163py.com 163py.com;
if ($host != 'www.163py.com'){
rewrite ^/(.*)$ https://www.163py.com/$1 permanent;
}
ssl on;
ssl_certificate /home/sy/ca/www.163py.com_ca.crt;
ssl_certificate_key /home/sy/ca/www.163py.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

client_max_body_size 10m;

access_log /var/log/nginx/access_yly.log;
error_log /var/log/nginx/error_yly.log;
#server_name somename alias another.alias;


location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:9090;
}

location ^~ /media {
alias /home/sy/workspace/yuanxiao/1/stock/media;
}

location ^~ /static {
alias /home/sy/workspace/yuanxiao/1/stock/static;
}

#location ^~ / {
# alias /home/sy/ca;
#}

location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mov) {
access_log off;
expires 30d;
}

}

##################################################################################################


分享到: 微信 更多