SSL证书保护你的数据安全
DV证书,OV证书,EV证书,通配符泛域名证书

nginx 安装SSL证书

  • DV单域名SSL证书

    35元/年

    域名级,老牌大厂,SHA256!

    点击查看
  • 通配符/泛域名SSL证书

    210元/年

    域名级,老牌大厂,SHA256

    点击查看
  • OV单域名SSL证书

    580元/年

    企业级证书,老牌大厂,SHA256

    点击查看
  • OV泛域名SSL证书

    1580元/年

    企业级,老牌大厂,SHA256

    点击查看

具有各种客户端的通用服务器,十分推荐使用

版本参数

服务器版本 1.27.3

OpenSSL 版本 3.4.0

HSTS & OCSP

nginx 1.27.3, intermediate config, OpenSSL 3.4.0

支持 Firefox 27, Android 4.4.2, Chrome 31, Edge, IE 11 on Windows 7, Java 8u31, OpenSSL 1.0.1, Opera 20, Safari 9

# generated 2025-07-22, Mozilla Guideline v5.6, Nginx 1.27.3, OpenSSL 3.4.0, intermediate configuration
# https://app.certbase.com/certhub/tools/ssl-config#server=nginx&version=1.27.3&config=intermediate&openssl=3.4.0&guideline=5.6

server {
  listen 80 default_server;
  listen [::]:80 default_server;

  return 301 https://$host$request_uri;
}

server {

    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    ssl_certificate /path/to/signed_cert_plus_intermediates;
    ssl_certificate_key /path/to/private_key;
    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
    ssl_session_tickets off;

    # curl https://app.certbase.com/ffdhe2048.txt > /path/to/dhparam
    ssl_dhparam /path/to/dhparam;
    # intermediate configuration
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;

    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
    add_header Strict-Transport-Security "max-age=63072000"always;

    # OCSP stapling
    ssl_stapling on;
    ssl_stapling_verify on;

    # verify chain of trust of OCSP response using Root CA and Intermediate certs
    ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

    # replace with the IP address of your resolver
    resolver 127.0.0.1;
}
赞(0) 打赏
未经允许不得转载:免费SSL证书 » nginx 安装SSL证书

评论 抢沙发

SSL证书保护你的数据安全

提供域名级(DV)TLS 证书, 企业级(OV)TLS 证书, 增强级(EV)TLS 证书, 单域名 TLS 证书, 通配符 TLS 证书, 弹性 TLS 证书 ,公网 IP 地址 TLS 证书, 中国 OCSP TLS 证书,证书品牌有,证书品牌 DigiCert Certum GlobalSign Geotrust Sectigo RapidSSL AlphaSSL PositiveSSL Secure Site Pro CFCA

联系购买联系我们

觉得文章有用就打赏一下文章作者

非常感谢你的打赏,我们将继续提供更多优质内容,让我们一起创建更加美好的网络世界!

支付宝扫一扫

微信扫一扫