cd /etc/nginx/ssl
cat STAR_pass_tw.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > pass.tw.bundle.crt


cd /etc/nginx/conf.d
vi pass.tw.conf
  server {
    listen 443 ssl;
    server_name pass.tw
    ssl on;
    ssl_certificate /etc/nginx/ssl/pass.tw.bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/pass.tw.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers   HIGH:!aNULL:!MD5;

    # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
    #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    location / {
      proxy_pass http://127.0.0.1:80;
    }
  }


/etc/init.d/nginx restart
 

文章標籤
創作者介紹

Hello World

helloworld 發表在 痞客邦 PIXNET 留言(0) 人氣()