All Documents

Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Content is empty

If you don't find the content you expect, please try another search term

Certificate Management (KCM)

View more results

Document title with current keyword not found

Directory

Expand AllFold All Up

Networking
Security

Storage&CDN
Database
Legal
- Legal
ActionTrail
- ActionTrail
- Kingsoft Cloud International Business

Video Services
Data Analysis
- MapReduce (KMR)
- Kingsoft Cloud Log Service
Account Management
- Identity and Access Management
- Account Management

No products found with this keyword

Documentation

Certificate Management (KCM)

User Guide

Certificate configuration

NGINX

NGINX

Last updated：2021-03-15 15:35:34

This document describes how to install a certificate on a NGINX server.

Prerequisites

The certificate is in the Issued state.
You have obtained the certificate package.

Obtain the certificate file

Download the certificate package from the KCM console and decompress the package to obtain the .key file and .pem file.

Install the server certificate

Copy files server.key and server.pem to the conf folder in the NGINX installation directory.
Open the nginx.conf file in the conf folder.

Locate the following lines:

# HTTPS server 
# 
#server { 
#    listen       443; 
#    server_name  localhost; 
#    ssl                  on; 
#    ssl_certificate      cert.pem; 
#    ssl_certificate_key  cert.key; 
#    ssl_session_timeout  5m; 
#    ssl_protocols  SSLv2 SSLv3 TLSv1; 
#    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
#    ssl_prefer_server_ciphers   on; 
#    location / { 
#        root   html; 
#        index  index.html index.htm; 
#    } 
#}

Use the following lines to replace the previously mentioned lines:

    server { 
    listen       443; 
    server_name  localhost; 
    ssl                  on; 
    ssl_certificate      server.pem; 
    ssl_certificate_key  server.key; 
    ssl_session_timeout  5m; 
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
# Using of TLS1.1 and TLS1.2 require OpenSSL1.0.1 or higher. It is recommended that you use the up-to-date OpenSSL version 1.0.1 or 1.0.2.
    ssl_ciphers  HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM; 
    ssl_prefer_server_ciphers   on; 
    location / { 
        root   html; 
        index  index.html index.htm; 
    } 
}

Save and close the file, and then restart NGINX.
Use HTTPS to access your website and verify that the certificate has been installed correctly.

On this page

Previous:Apache for Linux

Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen

Feedback