陶辉96课
双向认证SSL指令示列
对下游使用证书指令
Syntax: | ssl_certificate |
---|---|
Default: | — |
Context: | http , server |
Syntax: | ssl_certificate_key |
---|---|
Default: | — |
Context: | http , server |
代码示列 首先需要将 ngx_http_ssl_module编译进nginx 一般证书可以动态生成 详见 SSL证书生成方式
listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/shoppas.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/shoppas.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot