Nginx Apache SSL configuration allows it to support HTTPS protocol access

First to apply for SSL certificate, recommended to Vauton, Tencent Cloud, Aliyun to apply for a free SSL certificate, convenient not to say, important is through the major browser verification.

Nginx configuration, configure the following items in server:

        Listen 443;
        server_name     www.daixh.com; #修改成你的域名, To be consistent with the requested certificate domain name
        index index.html index.htm index.php default.html Default.htm default.php;
        root /data/wwwroot;
        SSL on;
        ssl_certificate/home/ssl/ssl.crt;
        Ssl_certificate_key/home/ssl/ssl.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers ecdhe-rsa-aes256-gcm-sha384: ecdhe-rsa-aes128-gcm-sha256:ecdhe-rsa-aes256-sha384:

ecdhe-rsa-aes128-sha256:ecdhe-rsa-rc4-sha:ecdhe-rsa-aes256-sha:dhe-rsa-aes256-sha:dhe-

rsa-aes128-sha:rc4-sha:!anull:!enull:! export:! des:!3des:! md5:! Dss:! PKS;

Ssl_session_cache builtin:1000 shared:ssl:10m;

apache2.* configuration:

The 1_www.domain.com_cert.crt file includes the two-paragraph certificate Code "-----BEGIN Certificate-----" and "-----End certificate-----",
The 2_www.domain.com.key file includes a section of the private key code "-----BEGIN RSA private key-----" and "-----End RSA private key-----.

Save the first paragraph of 1_DOMAIN.COM_CERT.CRT code in a CRT-formatted file DOMAIN.CRT, and the second paragraph is pasted into a text that is saved in CRT format.

File CA.CRT.
(If it is a three-paragraph cross certificate, save the second and third paragraphs as CA.CRT)

Edit the conf/httpd.conf file under the Apache root directory,
Find #LoadModule ssl_module modules/mod_ssl.so and #Include conf/extra/httpd-ssl.conf, and remove the front # annotation;
Edit the conf/extra/httpd-ssl.conf file under the Apache root directory and modify the following

www.domain.com:443> documentroot "/var/www/html"

ServerName www.domain.com Sslengine on
Sslcertificatefile/usr/local/apache/conf/domain.crt
Sslcertificatekeyfile/usr/local/apache/conf/2_domain.com.key
Sslcertificatechainfile/usr/local/apache/conf/ca.crt
Once the configuration is complete, you can restart Apache to use https://www.domain.com to access the