给服务器配置https

前言
本文主要说如何配置https
开发环境：macOS
服务器系统：Ubuntu

---

ssh连上服务器，按以下命令安装证书

sudo apt-get install python-software-properties 
sudo apt-get install software-properties-common 
sudo sudo add-apt-repository ppa:certbot/certbot 
sudo sudo apt-get update 
sudo sudo apt-get install certbot 
#关掉nginx
sudo nginx -s stop #关不掉就用killall nginx 
sudo certbot certonly --standalone -d www.ouyanting.com #注意这里是你的域名

配置nginx

# 下面的域名请自行更换为自己的域名
server {
 listen 80;
 server_name www.ouyanting.com;
 # 将http重定向到https
 rewrite ^(.*) https://$host$1 permanent;
}
server {
 listen 443 ssl; 
 listen [::]:443 ssl ipv6only=on; 
 ssl_certificate /etc/letsencrypt/live/www.ouyanting.com/fullchain.pem; 
 ssl_certificate_key /etc/letsencrypt/live/www.ouyanting.com/privkey.pem; 
 ssl_trusted_certificate /etc/letsencrypt/live/www.ouyanting.com/chain.pem; 
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
 ssl_prefer_server_ciphers on; 
 ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; 
 server_name www.ouyanting.com; # 这里为你的域名
 root /xxx/xxx/xxx/; # 这里为你的项目路径
 location / { 
   index index.html;
   proxy_set_header Host $host; 
   proxy_set_header X-Forwarded-For  $remote_addr; 
   proxy_set_header X-Forwarded-Server  $host; 
 }
}

重启nginx

这样就完成配置了