更新系统软件
$ sudo apt-get update安装certbot
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get install python-certbot-nginx生成相关文件
sudo certbot certonly --webroot -w /var/www/HelloPhp/public -d shop.xxx.com启用443端口
server {# listen 80;#443_start(添加443配置)listen 443 ssl;listen [::]:443 ssl ipv6only=on;ssl on;ssl_certificate /etc/letsencrypt/live/shop.xxx.com/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/shop.xxx.com/privkey.pem;# ssl_trusted_certificate /etc/letsencrypt/live/your.domain.com/chain.aem;#443_end#以下为正常配置root /var/www/HelloPhp/public;index index.php index.html index.htm;server_name shop.xxx.com 112.74.xxx.43;location / {try_files $uri /index.php;}location ~ \.php$ {# fastcgi_split_path_info ^(.+\.php)(/.+)$;# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini# With php5-cgi alone:# fastcgi_pass 127.0.0.1:9000;# With php5-fpm:fastcgi_pass unix:/var/run/php5-fpm.sock;fastcgi_index index.php;include fastcgi_params;}}域名默认不添加https也可访问
server {listen 80;# listen [::]:80 default_server;server_name shop.xxx.com;return 301 https://$server_name$request_uri;}