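Adding an SSL Certificate to a LANMP Site

To connect WordPress to a WeChat Mini Program, the domain must be served over HTTPS, which requires an SSL certificate.

Conveniently, https://letsencrypt.org/getting-started/ offers free SSL certificates. Each certificate is valid for 90 days and can be renewed free of charge.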

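[code]
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
# Standalone mode runs certbot's own temporary web server, so stop Nginx first to free the port
service nginx stop
sudo ./certbot-auto certonly --standalone --email jaitch@163.com --agree-tos -d han.pm -d www.han.pm
[/code]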
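In LANMP, Nginx is the front layer, so the SSL settings belong in the Nginx configuration:

[code]
# TLS is enabled with the ssl parameter on the listen directive
listen 443 ssl;
# Certificate chain and private key issued by Let's Encrypt
ssl_certificate /etc/letsencrypt/live/han.pm/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/han.pm/privkey.pem;
ssl_session_timeout 5m;
# Offer TLS 1.2 and 1.3 only
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
[/code]

Add this block to the vhost, and remember to change the file paths to match your own domain.

Its position within the vhost is as follows:

[code]server
{
    listen 443 ssl;
    server_name han.pm www.han.pm house.han.pm;
    index index.html index.htm index.php default.html default.htm default.php;
    root /home/wwwroot/han.pm;

    # Certificate chain and private key issued by Let's Encrypt
    ssl_certificate /etc/letsencrypt/live/han.pm/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/han.pm/privkey.pem;
    ssl_session_timeout 5m;
    # Offer TLS 1.2 and 1.3 only
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
    ssl_prefer_server_ciphers on;

    location /
    {
        # Serve the file if it exists, otherwise hand the request to Apache
        try_files $uri @apache;
    }
    # Other configuration omitted

}[/code]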
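An added example, not part of the original post: a small Python check that reads a vhost block like the one above and reports TLS settings worth fixing before the site goes live (TLS not enabled on port 443, `ssl on;`, protocols older than TLS 1.2, a certificate path that omits the chain). The names `parse_directives` and `audit_vhost` and both sample vhosts are constructed for illustration.

```python
import re

LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

def parse_directives(conf):
    """Return [(name, [args])] for each nginx statement in conf."""
    conf = re.sub(r"#.*", "", conf)                 # drop comments
    parts = (s.split() for s in re.split(r"[;{}]", conf))
    return [(p[0], p[1:]) for p in parts if p]

def audit_vhost(conf):
    """Return findings for the TLS settings of one server block."""
    directives = parse_directives(conf)
    names = {name for name, _ in directives}
    ssl_on = ("ssl", ["on"]) in directives
    findings = []
    for name, args in directives:
        if name == "listen" and any(a.split(":")[-1] == "443" for a in args):
            if "ssl" not in args and not ssl_on:
                findings.append("listen 443 without ssl: TLS is not enabled")
        elif name == "ssl_protocols":
            old = sorted(LEGACY_PROTOCOLS.intersection(args))
            if old:
                findings.append("ssl_protocols allows legacy " + ", ".join(old))
            if not {"TLSv1.2", "TLSv1.3"}.intersection(args):
                findings.append("ssl_protocols offers neither TLSv1.2 nor TLSv1.3")
        elif name == "ssl_certificate" and args and args[0].endswith("/cert.pem"):
            findings.append("ssl_certificate is cert.pem; fullchain.pem carries the chain")
    if ssl_on:
        findings.append("'ssl on;' is deprecated; use 'listen 443 ssl;'")
    for required in ("ssl_certificate", "ssl_certificate_key"):
        if required not in names:
            findings.append("missing " + required)
    return findings

# Constructed sample: a vhost written for an older nginx release.
LEGACY_VHOST = """
server {
    listen 443;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/example.test/cert.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.test/privkey.pem;
    ssl_protocols TLSv1;
}
"""
# Constructed sample: the same vhost with current settings.
CURRENT_VHOST = (LEGACY_VHOST.replace("listen 443;", "listen 443 ssl;")
                 .replace("ssl on;", "").replace("cert.pem", "fullchain.pem")
                 .replace("TLSv1;", "TLSv1.2 TLSv1.3;"))
print("\n".join(audit_vhost(LEGACY_VHOST)))
```

Running `nginx -t` after editing the vhost remains the authoritative syntax check; this script only looks at the TLS-related directives.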
