Name | Description |
Lighthouse instance's public IP address | Instance IP address used to connect a local computer to the instance. |
Username | The username used to log in to the Lighthouse instance, such as `root`. |
Password or SSH key | The password matching the username used to log in to the Lighthouse instance, or the bound SSH key. |
cloud.tencent.com
as an example here) to a local directory.
After decompression, you can get the certificate files in the relevant types, including Nginx folders and CSR files:cloud.tencent.com_bundle.crt
: Certificate filecloud.tencent.com.key
: Private key filecloud.tencent.com.csr
filecloud.tencent.com_bundle.crt
and cloud.tencent.com.key
files from the local directory to NGINX's default configuration file directory of the Lighthouse instance. For more information, see Uploading Local Files to Lighthouse./www/server/nginx/conf
.nginx.conf
file in NGINX's default configuration file directory.sudo vim /www/server/nginx/conf/nginx.conf
server {...}
and replace the configuration information inside the braces ({}) with the following content.server {listen 443 ssl;server_tokens off;keepalive_timeout 5;root /usr/local/lighthouse/softwares/wordpress; # Enter the root directory of your website, such as `/usr/local/lighthouse/softwares/wordpress`index index.php index.html;access_log logs/wordpress.log;error_log logs/wordpress.error.log;server_name cloud.tencent.com; # Enter the domain name bound to your certificate, such as `www.cloud.tencent.com`ssl_certificate cloud.tencent.com_bundle.crt; # Enter the name of your certificate file, such as `cloud.tencent.com_bundle.crt`ssl_certificate_key cloud.tencent.com.key; # Enter the name of your private key file, such as `cloud.tencent.com.key`ssl_session_timeout 5m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # You can see this SSL protocol for configurationssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; # You can use this encryption suite configuration written in line with the OpenSSL standardssl_prefer_server_ciphers on;location ~* \\.php$ {fastcgi_pass 127.0.0.1:9000;include fastcgi.conf;client_max_body_size 20m;fastcgi_connect_timeout 30s;fastcgi_send_timeout 30s;fastcgi_read_timeout 30s;fastcgi_intercept_errors on;}}
http{...}
and enter the following configuration information.ssl_certificate cloud.tencent.com_bundle.crt; # Enter the name of your certificate file, such as `cloud.tencent.com_bundle.crt`ssl_certificate_key cloud.tencent.com.key; # Enter the name of your private key file, such as `cloud.tencent.com.key`
nginx.conf
file and exit.sudo nginx -t
sudo systemctl reload nginx
https://cloud.tencent.com
(sample) for access.pcre
during compilation, you can add return 301 https://$host$request_uri;
to the HTTP server to redirect requests made to the default port 80 to HTTPS.
You need to modify the nginx.conf
file by adding the following configuration after Step 4 in the Installing the certificate section.server {listen 80;server_name cloud.tencent.com; # Enter the domain name bound to your certificate, such as `cloud.tencent.com`return 301 https://$host$request_uri; # Redirect HTTP requests to HTTPS}
nginx.conf
file and exit. Verify and restart NGINX according to Step 7 and Step 8 in the Installing the certificate section.
At this point, you have successfully set the automatic redirect to HTTPS. You can use http://cloud.tencent.com
(sample) to redirect to the HTTPS page as shown below:
Was this page helpful?