nginx添加子域名

by

域名服务商添加子域名

这里以freenom为例,在域名服务商管理界面添加一条A记录

为子域名添加证书

使用certbot

certbot certonly  -d tacos.boostup.cf --standalone

nginx添加子域名,并使用生成的证书

nginx添加配置

    server {
        listen       443 ssl;
        server_name  tacos.boostup.cf;

        charset utf-8;
        ssl_certificate /etc/letsencrypt/live/tacos.boostup.cf/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/tacos.boostup.cf/privkey.pem;

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
        ssl_ecdh_curve secp384r1;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        ssl_session_tickets off;
        keepalive_timeout 70;
        location / {
            proxy_pass   http://127.0.0.1:8011;
        }
    }

Leave a Comment