最近在做微信小程序商城開發(fā)的時候撩穿,閱讀官方api文檔發(fā)現(xiàn)要求https。
wx.request(OBJECT)
wx.request發(fā)起的是 HTTPS 請求谒撼。
推薦使用更便捷的 certbot 配置 https食寡,參考鏈接:CentOS 7.3 下部署基于 Node.js的微信小程序商城
于是開始了在Centos 6.8下利用letsencrypt.sh腳本為nginx 配置免費https(Let's Encrypt SSL證書)的路程。
一廓潜、下載letsencrypt.sh
# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf
# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
二抵皱、修改letsencrypt.conf文件的參數(shù)
# vim letsencrypt.conf
文件修改后的內(nèi)容如下
# only modify the values, key files will be generated automaticly.
ACCOUNT_KEY="letsencrypt-account.key"
DOMAIN_KEY="mtian.net.key"
DOMAIN_DIR="/usr/local/nginx/html" #網(wǎng)站的根目錄
DOMAINS="DNS:mtian.net,DNS:www.mtian.net" #你的網(wǎng)站域名,多個域名用,號分隔
#ECC=TRUE
#LIGHTTPD=TRUE
三辩蛋、執(zhí)行文件呻畸,生成https所需要的ssl證書文件
添加執(zhí)行權限并執(zhí)行
# chmod +x letsencrypt.sh
# ./letsencrypt.sh letsencrypt.conf
運行完成后會在當前目錄生成如下文件
# ls
letsencrypt-account.key lets-encrypt-x3-cross-signed.pem mtian.csr
letsencrypt.conf mtian.chained.crt mtian.net.key
letsencrypt.sh mtian.crt
四、修改nginx配置文件悼院,加入https
# vim /usr/local/nginx/conf/nginx.conf
server {
listen 443 ssl;
server_name www.mtian.net;
ssl on;
ssl_certificate /usr/local/nginx/conf/mtian.chained.crt;
ssl_certificate_key /usr/local/nginx/conf/mtian.net.key;
location / {
root html;
index index.html index.htm;
}
}
配置可參考
https://mozilla.github.io/server-side-tls/ssl-config-generator/
https://www.textarea.com/zhicheng/fenxiang-yige-https-a-di-nginx-peizhi-320/
五伤为、復制letsencrypt.sh生成的mtian.chained.crt和mtian.net.key 件到 nginx.conf中指定的目錄/usr/local/nginx/conf/
# cp mtian.chained.crt /usr/local/nginx/conf/
# cp mtian.net.key /usr/local/nginx/conf/
六、重啟nginx
# service nginx restart
Stopping nginx: [ OK ]
Starting nginx: [ OK ]
七樱蛤、打開瀏覽器訪問https://www.mtian.net/钮呀,火狐和谷歌都可以正常訪問并且有綠色的鎖剑鞍,https配置完成昨凡。
微信小程序商城https配置
微信小程序商城https配置
