配置证书网上有很多教程，本文重点放在困扰我最久的nginx.conf上面。以此记录我的学习

server {
    listen 80;
    server_name xxx.com www.xxx.com;#你的域名
    return	301 https://xxx.com$request_uri;#把http的域名请求转成https
}
server {
    listen 443 ssl;
    server_name www.https-x.com; #你的域名
    root /usr/share/nginx/html/ycadmin/public; #前台文件存放文件夹，可改成别的
    index index.html index.php;#上面配置的文件夹里面的index.html
    ssl_certificate  cert/xxx.com.pem;# 改成你的证书的名字
    ssl_certificate_key cert/xxx.com.key;#你的证书的名字
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        index index.html index.php;
    }
    location ~ \.php(.*)$ {
            fastcgi_pass   unix:/tmp/php-cgi.sock;
            fastcgi_index  index.php;
            fastcgi_split_path_info  ^((?U).+\.php)(/?.+)$;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO  $fastcgi_path_info;
            fastcgi_param  PATH_TRANSLATED  $document_root$fastcgi_path_info;
            include        fastcgi_params;
        }
}