Nginx配置Http跳轉到Https,需要修改Nginx.conf配置文件:
server { listen 443; server_name www.qiaodahai.com; ssl on; ssl_certificate ca.pem; ssl_certificate_key ca.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; error_page 497 "https://$host$uri?$args"; #這是跳轉Http請求到Https location / { root html; index index.html index.htm; } }
server { listen 80; server_name www.qiaodahai.com; rewrite ^/(.*) https://$server_name$1 permanent; #跳轉到Https }
也就是再添加一個虛擬機server,80端口一個,443端口一個。
但是有些程序只會給你往端口上轉發,不會自動修正http為https,這樣的程序還不少,例如phpmyadmin:
遇到這樣的程序我們需要修改Nginx.conf配置文件,在443的server的fastcgi字段中添加一個語句:
fastcgi_param HTTPS on; #attention!#
例如
location ~ .*.(php|php5)?$ { try_files $uri =404; fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_index index.php; fastcgi_param HTTPS on; #attention!# include fcgi.conf; }
這樣就可以了。