51 lines
1.7 KiB
Markdown
51 lines
1.7 KiB
Markdown
```bash
|
|
-rw-rw-r-- 1 ubuntu ubuntu 4498 Mar 7 10:16 sleepstory.gogao.top_bundle.crt
|
|
-rw-rw-r-- 1 ubuntu ubuntu 4498 Mar 7 10:16 sleepstory.gogao.top_bundle.pem
|
|
-rw-rw-r-- 1 ubuntu ubuntu 1144 Mar 7 10:16 sleepstory.gogao.top.csr
|
|
-rw-rw-r-- 1 ubuntu ubuntu 1700 Mar 7 10:16 sleepstory.gogao.top.key
|
|
```
|
|
|
|
```bash
|
|
server {
|
|
# SSL configuration
|
|
#
|
|
listen 443 ssl default_server;
|
|
listen [::]:443 ssl default_server;
|
|
#
|
|
# Note: You should disable gzip for SSL traffic.
|
|
# See: https://bugs.debian.org/773332
|
|
#
|
|
# Read up on ssl_ciphers to ensure a secure configuration.
|
|
# See: https://bugs.debian.org/765782
|
|
#
|
|
# Self signed certs generated by the ssl-cert package
|
|
# Don't use them in a production server!
|
|
#
|
|
# include snippets/snakeoil.conf;
|
|
|
|
# root /var/www/html;
|
|
|
|
# Add index.php to the list if you are using PHP
|
|
# index index.html index.htm index.nginx-debian.html;
|
|
|
|
server_name garden.gogao.top;
|
|
client_max_body_size 5M;
|
|
ssl_certificate /opt/certs/www.gogao.top_nginx/www.gogao.top_bundle.crt;
|
|
#请填写私钥文件的相对路径或绝对路径
|
|
ssl_certificate_key /opt/certs/www.gogao.top_nginx/www.gogao.top.key;
|
|
ssl_session_timeout 5m;
|
|
#请按照以下协议配置
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
root /var/www/garden.gogao.top;
|
|
index index.html;
|
|
|
|
location / {
|
|
try_files $uri $uri/ =404;
|
|
}
|
|
|
|
}
|
|
``` |