demo
server { listen 443 ssl; server_name www.example.org; # 你的域名 ssl_certificate /etc/nginx/certs/tls.crt; # 你的证书路径 ssl_certificate_key /etc/nginx/certs/tls.key; # 你的证书密钥路径 ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { root /usr/share/nginx/html; index index.htm index.html; } } server { listen 80; server_name www.ilinux.io; return 301 https://$host$request_uri ; # rewrite ^(.*)$ https://$host$1 ; }
上面的demo有两种301的方式,一种是return,一种是rewrite,但是实际上会更推荐使用return,因为rewrite会涉及到计算正则,小业务场景没啥影响,但是也算一个优化点
