Add an SSL certificate to Nginx in CentOS to support HTTPS access

Source: Internet
Author: User

Add an SSL certificate to Nginx in CentOS to support HTTPS access

SSL (Secure Sockets Layer) and its successor Transport Layer Security (TLS) are a Security protocol that provides Security and data integrity for network communication. TLS and SSL encrypt network connections at the transport layer.

An SSL certificate is generally issued by a CA such as GlobalSign. After an SSL certificate is installed, the website can access the webpage through "https. Https means that this is a secure connection.

To encourage website developers to make more efforts to protect web page information, Google's new search engine ranking algorithm will increase the search weight of the web pages with SSL certificates (also known as "https Certificates") installed.

This indicates that, under the new Google search algorithm, the weight of the web page processed by "HTTPS" (Hypertext Transfer Security Protocol)-adding an SSL security certificate to the web page will be improved, the weight of web pages that continue to adopt HTTP (Hypertext Transfer Protocol) will be relatively reduced. Therefore, this article mainly records how to add an ssl certificate to a website under Apache and nginx to support https access.

WoSign in China provides a digital certificate and applies on the Chinese interface. It is very friendly and quick to pass the review. Recommended !!!!!
Application address: https://buy.wosign.com/QuickToApplyFreeSSL.html

After review, your email will receive an email.

Decompress the file to view the SSL certificate corresponding to the server software.

Upload the SSL Certificate to the/usr/local/nginx/conf/ssl directory of the corresponding version.

Find the corresponding server and modify the nginx Configuration

# Basic SSL configuration server {listen 443 ssl; server_name www.test.com; root/home/wwwroot/test.com; index. php; ssl_certificate/usr/local/nginx/conf/ssl/www.test.com. crt; ssl_certificate_key/usr/local/nginx/conf/ssl/www.test.com. key; ssl_session_timeout 5 m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ALL :! ADH :! EXPORT56: RC4 + RSA: + HIGH: + MEDIUM: + LOW: + SSLv2: + EXP; ssl_prefer_server_ciphers on;} # redirect http second-level domain names to https, resolve http root domain jump to httpsserver {listen 80; server_name test.com; if ($ host! = 'Www .test.com ') {rewrite ^/(. *) $ https://www.test.com/#1 permanent ;}} server {listen 80; server_name www.test.com; rewrite ^/(. *) $ your permanent ;}

Note:

"This page contains both safe content and insecure content." The prompt is displayed because the website page contains mixed content. That is to say, the website page contains resources such as http: // and https. In this case, you need to make some adjustments on the website page to remove the prompt.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.