Detailed explanation of nginx ssl certificate configuration using GoDaddy

Source: Internet
Author: User
Tags ssl certificate nginx ssl

Generate the private key and certificate request File (csr)

Open the terminal and enter the following command

Openssl req-new-newkey rsa: 2048-nodes-keyout domain. key-out domain. csr

The generation process will ask several frequently asked questions, such as City and Country.

At last, we will ask the challenge password and remember it when entering it.

After the preceding commands are executed, the current directory will contain "domain. key" and "domain. csr" files.

Goddy certificate

After purchasing the SSL certificate, there will be an initialization process. fill in all the content of the csr file in the "CSR" input box. Goddy checks configuration and other operations. After the operation is complete, a certificate is issued. Click Download. Select "other" as the server type when downloading ".

Nginx configuration

The contents of the compressed package are similar to those shown in the following figure.

Under normal circumstances, the key and crt files are required for nginx to configure SSL.

There are two crt, so you need to merge the certificates.

Open the terminal and execute the following command:

Cat 53f58e3ac2172cd5. crt gd_bundle-g2-g1.crt> domain. crt

Modify the file name based on actual conditions.

After the certificate is merged, open the Nginx configuration file. The certificate directory is located in "/root/crt"

Server
 {
Listen 443;
# Listen [:]: 80;
Server_name domain;
Index index.html index.htm index. php default.html default.htm default. php;
Root/home/wwwroot/domain;
 
Location =/favicon. ico {
Log_not_found off;
Access_log off;
 }
 
Location =/robots.txt {
Allow all;
Log_not_found off;
Access_log off;
 }
Location /{
If (! -E $ request_filename ){
Rewrite ^/(. *) $/index. php? $1 last;
 }
 }
 
Include other. conf;
# Error_page 404/welcome.html;
# Error_page 500 502 504 =/welcome.html;
Location ~ [^/] \. Php (/| $)
 {
# Comment try_files $ uri = 404; to enable pathinfo
Try_files $ uri = 404;
Fastcgi_pass unix:/tmp/php-cgi.sock;
Fastcgi_index index. php;
Include fastcgi. conf;
# Include pathinfo. conf;
 }
 
Location ~ . * \. (Gif | jpg | jpeg | png | bmp | swf) $
 {
Expires 30d;
 }
Location ~ . * \. (Html | htm )? $
 {
Expires 10d;
 }
Location ~ . * \. Ttf $
 {
Add_header Access-Control-Allow-Origin *;
Expires 30d;
 }
Location ~ . * \. (Js | css )? $
 {
Expires 10d;
 }
Ssl on;
Ssl_certificate/root/crt/domain. crt;
Ssl_certificate_key/root/crt/domain. key;
Access_log off;
 }

Save and run nginx reload.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.