www.aaa.com.crt //证书文件
www.aaa.com.key //私钥文件
ca.crt //证书链文件
server {
listen 80; //监听80端口
listen 443 ssl http2; //监听443端口
server_name www.aaa.com; //服务域名
root /www/aaa; //站点根目录
index index.html index.htm; //默认首页文档
#ssl on; //注意,开启此项将只能只用https访问
ssl_certificate /alidata/ssl/bingyang.crt; //证书文件
ssl_certificate_key/alidata/ssl/bingyang.key; //证书私钥文件
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:60m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;location / {
}#开启列出目录(可选)
autoindex on; //开启显示文件目录
autoindex_exact_size off; //显示文件大小(off为自动单位)
autoindex_localtime on; //显示修改时间#错误页配置
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /50x/ //50x错误页文件目录
}
}
<VirtualHost *:80> //http访问端口
ServerName www.aaa.com //绑定域名
DocumentRoot "/www/aaa/" //站点根目录
DirectoryIndex index.html index.htm //首页默认文档
<Directory "/www/aaa/"> //站点目录
Options FollowSymLinks //不允许列出目录
#Options Indexes FollowSymLinks //允许列出目录
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443> //https访问端口
ServerName www.aaa.com //绑定域名
DocumentRoot "/www/aaa/" //站点根目录
DirectoryIndex index.html //首页文档
SSLEngine on //开启SSL
SSLCertificateFile "/root/www.aaa.com.crt" //证书文件
SSLCertificateKeyFile "/root/www.aaa.com.key" //证书私钥
SSLCertificateChainFile "/root/ca.crt" //证书链文件
<Directory "/www/aaa/">
Options FollowSymLinks //不允许列出目录
#Options Indexes FollowSymLinks //允许列出目录
AllowOverride All
Require all granted
</Directory>
</VirtualHost>