Add Comodo SSL Certificate for Nginx
Install Nginx First, install Nginx on your Linux distribution, or refer to Nginx's official installation tutorials.
1. Merge the obtained certificates according to the contents of the obtained SSL certificate
If you get four certificat
First, prepare to compress the SSL certificate file
Information from the Internet on the installation of Comodo Positivessl certificate, found that there are different versions of the form, because sometimes we download to the Comodo POSITIVESSL
ssl Certificate, only one certificate can protect all domain names, installation and management is simpler.
Www.chinassl.net
Mail.chinassl.net
Www. China certificate. com
Www.wantssl.com
Login.wantssl.net
After learning about the multi-domain certificate, let's take
Chinassl provides two free trial SSL certificates. There is no difference between the trial SSL certificate and the officially issued SSL certificate function and compatibility. Users can test the server environment before applying for a formal
Application URL: https://alwaysonssl.com/Four,ComodoOfficial website: https://www.comodo.com/Reviews: In Let's Encrypt did not come out before the Comodo market share was the first place. With let's Encrypt prevalence, Comodo in the DV SSL market share gradually decline, but still is the leading enterprise of SSL. Cur
To successfully set up SSL security site key to have the following conditions.1. The server certificate needs to be obtained from a trusted certificate Authority ca.2. The server certificate must be installed on the Web server.3. The SSL feature must be enabled on the Web se
Original: http://www.cnblogs.com/naniannayue/archive/2012/11/19/2776948.htmlTo successfully set up SSL security site key to have the following conditions.1. The server certificate needs to be obtained from a trusted certificate Authority ca.2. The server certificate must be installed on the Web server.3. The
Server{
Listen
the;
Listen[::]:
theSSL Ipv6>on;
server_nameexample.com;
return
301
https://example.com$request _uri ;}
Iv. reliable third-party SSL issuing authority
As we all know, a NIC agency has had a scandal about issuing a
To successfully set up SSL security site key to have the following conditions.1. The server certificate needs to be obtained from a trusted certificate Authority ca.2. The server certificate must be installed on the Web server.3. The SSL feature must be enabled on the Web se
To successfully set up SSL security site key to have the following conditions.1. The server certificate needs to be obtained from a trusted certificate Authority ca. 2. The server certificate must be installed on the Web server. 3. The SSL feature must be enabled on the Web
;return to Https://example.com$request_uri;}
Four, reliable Third-party SSL issuing agency
As we all know, some NIC agencies have burst into a scandal over the issuance of certificates for Google domain names, so it is important to select a reliable Third-party SSL issuer.
At present, the general market for small and medium-sized owners and enterprises of the SSL
. verisign's Secure Site, which is priced at $349 a year2. thawte's SSL123, one-year price of 149 $3. geotrust QuickSSL, Which is priced at $169 a year4. RapidSSL, a one-year quotation of 49 $5. InstantSSL, a one-year quotation of 49 $6. TurboSSL, which is the cheapest and has no more than 30 $ online. If you are running an opensource project, you can even send a one-year certificate.
How can we select so many products? Please continue with my introdu
combinations of policies, namely the third. The SSL connection is terminated at the Server Load balancer, adjusted as needed, and then acts as a new SSL connection proxy to the backend server. This may provide maximum security and the ability to send client information. The cost of doing so is more CPU power consumption and slightly more complicated configuratio
certificate for Google domain names, so it's important to choose a reliable third-party SSL issuing agency.At present, the general market for small and medium-sized webmaster and Enterprise SSL certification authorities are:StartsslComodo/Sub-brand Positive SSLGlobalSign/Sub-brand AlphasslGeoTrust/Sub-brand RapidSSLWhich Postivie
)
③ Modify nginx Configuration
Listen 443;SERVER_NAME Zou. Lu;Index index.html index.htm index. php;Root/home/zoulu;Error_page 404 403 http://zou.lu;
SSL on;Ssl_certificate/root/zoulu/zou_lu.crt;Ssl_certificate_key/root/zoulu/zoulukey. pem;
Other configuration information is the same as that of a common site.Iv. Access test results
In Firefox English version/Chrome/Opera/Safari/IE 6, 7, 8 under all no problem, https://zou.lu/in Firefox 3.5.7
zou.lu;Index index.html index.htm index.php;Root/home/zoulu;Error_page 404 403 http://zou.lu;SSL on;SSL_CERTIFICATE/ROOT/ZOULU/ZOU_LU.CRT;SSL_CERTIFICATE_KEY/ROOT/ZOULU/ZOULUKEY.PEM;Other configuration information is no longer duplicated, as is the case with the general site.Iv. access to test resultsIn the Firefox English version/chrome/opera/safari/ie 6, 7, 8 is not a problem, https://zou.lu/in Firefox 3.5.7 Chinese version of the problem, children
A complete SSL certificate is divided into four parts:
CA root certificate (Root CA)
Intermediate certificate (Intermediate Certificate)
Domain name Certificate
Certificat
balancer to the Tomcat server, which means that the application server loses the ability to acquire the x-forwarded-* header, which contains the client IP address, port, and protocol used.
There are two combinations of strategies, that is, the third, the SSL connection terminates at the load balancer, adjusts on demand, and then proxies to the backend server as a new SSL connection. This may provide ma
When we do some exchange or Lync projects, we often use public network certificates, such as: We do exchange2013 and Office 365 hybrid deployment, or through the SEM staging migration or CEM direct conversion migration need to use the public network certificate, below for you to introduce 1 free SSL certificate and application method, I hope to help youIn order t
SSL certificate, of course, only class1, other levels all cost money, but it doesn't matter. We only need class1. Open Https://www.startssl.comRegister a new user Https://www.startssl.com /? APP = 11 Amp; Action = regform After registration, you can log on to your mailbox to activate your account. Note: startssl does not verify your identity using the user na
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.