cloud.tencent.com
is used as an example.nginx/1.18.0
version is used as an example.443
on the Nginx server so that HTTPS can be enabled after the certificate is installed. For more information, see How Do I Enable Port 443 for a VM?http_ssl_module
module in the current server.Name | Description |
Server IP address | IP address of the server, which is used to connect the PC to the server. |
Username | The username used to log in to the server. |
Password | The password used to log in to the server. |
cloud.tencent.com
certificate file package to the local directory.
After decompression, you can get the certificate file of the corresponding type, which includes the cloud.tencent.com_nginx
folder.cloud.tencent.com_nginx
cloud.tencent.com_bundle.crt
: Certificate filecloud.tencent.com_bundle.pem
: Certificate file (optional)cloud.tencent.com.key
: Private key filecloud.tencent.com.csr
: CSR filecloud.tencent.com_bundle.crt
certificate file and cloud.tencent.com.key
private key file from the local directory to the /etc/nginx
directory (this is the default Nginx installation directory and needs to be adjusted as needed) of the Nginx server.nginx.conf
configuration file in the Nginx root directory as follows:nginx -t
command to find the path of the Nginx configuration file.
As shown below: vim /etc/nginx/nginx.conf
.listen 443 ssl
instead of listen 443
and ssl on
on nginx/1.15.0
or later.server {# The default SSL access port is 443listen 443 ssl;# Enter the domain name bound to the certificateserver_name cloud.tencent.com;# Enter the relative or absolute path of the certificate filessl_certificate cloud.tencent.com_bundle.crt;# Enter the relative or absolute path of the private key filessl_certificate_key cloud.tencent.com.key;ssl_session_timeout 5m;# Configure the following protocolsssl_protocols TLSv1.2 TLSv1.3;# Configure the cipher suite according to the OpenSSL standardssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;ssl_prefer_server_ciphers on;location / {# Path to the website homepage. This example is for reference only. You need to set it to the actual path.# For example, if your website homepage is under the "/etc/www" path of the Nginx server, change the "html" behind "root" to "/etc/www".root html;index index.html index.htm;}}
nginx -t
nginx -s reload
https://cloud.tencent.com
.return 301 https://$host$request_uri;
to the HTTP server to redirect requests made to the default HTTP port 80 to HTTPS.listen 443 ssl
instead of listen 443
and ssl on
on nginx/1.15.0
or later.server {# The default SSL access port is 443listen 443 ssl;# Enter the domain name bound to the certificateserver_name cloud.tencent.com;# Enter the relative or absolute path of the certificate filessl_certificate cloud.tencent.com_bundle.crt;# Enter the relative or absolute path of the private key filessl_certificate_key cloud.tencent.com.key;ssl_session_timeout 5m;# Configure the cipher suite according to the OpenSSL standardssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;# Configure the following protocolsssl_protocols TLSv1.2 TLSv1.3;ssl_prefer_server_ciphers on;location / {# Path to the website homepage. This example is for reference only. You need to set it to the actual path.# For example, if your website homepage is under the "/etc/www" path of the Nginx server, change the "html" behind "root" to "/etc/www".root html;index index.html index.htm;}}server {listen 80;# Enter the domain name bound to the certificateserver_name cloud.tencent.com;# Redirect requests made to an HTTP domain name to HTTPSreturn 301 https://$host$request_uri;}
nginx -t
nginx -s reload
https://cloud.tencent.com
.
Was this page helpful?