在阿里云找到SSL證書頁面，阿里云提供免費的SSL證書

image.png

選擇品牌

image.png

選擇免費型

image.png

進入控制臺就可以看到已經(jīng)購買的證書了

image.png

補全信息

image.png

后面忘了截圖前联，大概有以下幾個步驟：

1. 將文件上傳到服務(wù)器指定位置，需要URL能夠訪問到（非https）
2. 指定位置是一個隱藏文件夾娶眷，window下需要用mkdir命令創(chuàng)建
3. 上傳文件過一會就會自動驗證成功
4. 第3步很容易失敗似嗤，建議直接在服務(wù)器上下載驗證文件，多試幾次

配置Apache或者Nginx

# 添加 SSL 協(xié)議支持協(xié)議届宠，去掉不安全的協(xié)議
SSLProtocol all -SSLv2 -SSLv3
# 修改加密套件如下
SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
SSLHonorCipherOrder on
# 證書公鑰配置
SSLCertificateFile cert/public.pem
# 證書私鑰配置
SSLCertificateKeyFile cert/215045620450170.key
# 證書鏈配置烁落，如果該屬性開頭有 '#'字符，請刪除掉
SSLCertificateChainFile cert/chain.pem

server {
    listen 443;
    server_name localhost;
    ssl on;
    root html;
    index index.html index.htm;
    ssl_certificate   cert/215045620450170.pem;
    ssl_certificate_key  cert/215045620450170.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        root html;
        index index.html index.htm;
    }
}

分享一下我最終的配置（Apache虛擬站點）

#startSite
<VirtualHost *:80>
    DocumentRoot "E:\wwwroot\floribook\public"
    ServerName floridict.huatoutiao.com
    ServerAlias floridict.huatoutiao.com
    
    #START-ERROR-PAGE
    ErrorDocument 403 /403.html
    ErrorDocument 404 /404.html
    ErrorDocument 502 /502.html
    #END-ERROR-PAGE
    
    #startPHP
    <Files ~ "\.php$">
        Options FollowSymLinks ExecCGI
        AddHandler fcgid-script .php
        FcgidWrapper "E:/BtSoft/WebSoft/php/7.1/php-cgi.exe" .php
    </Files>
    #endPHP
    
    #start301
    #end301
    
    #REFERER-START
    #REFERER-END
    
    #PROXY-START
    #PROXY-END
    <Directory "E:\wwwroot\floribook\public">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
        DirectoryIndex index.php default.php index.html index.htm default.html default.htm
        
    </Directory>
    ErrorLog "logs/floridict.huatoutiao.com-error.log"
    CustomLog "logs/floridict.huatoutiao.com-access.log" common
</VirtualHost>
<VirtualHost *:443>
    SSLEngine on
    ServerName floridict.huatoutiao.com:443
    SSLCertificateKeyFile "${SRVROOT}/conf/ssl_dict/215045620450170.key"
    SSLCertificateFile "${SRVROOT}/conf/ssl_dict/public.pem"
    SSLCertificateChainFile "${SRVROOT}/conf/ssl_dict/chain.pem"

    DocumentRoot "E:\wwwroot\floribook\public"
    ServerName floridict.huatoutiao.com
    ServerAlias floridict.huatoutiao.com
    
    #START-ERROR-PAGE
    ErrorDocument 403 /403.html
    ErrorDocument 404 /404.html
    ErrorDocument 502 /502.html
    #END-ERROR-PAGE
    
    #startPHP
    <Files ~ "\.php$">
        Options FollowSymLinks ExecCGI
        AddHandler fcgid-script .php
        FcgidWrapper "E:/BtSoft/WebSoft/php/7.1/php-cgi.exe" .php
    </Files>
    #endPHP
    
    #start301
    #end301
    
    #REFERER-START
    #REFERER-END
    
    #PROXY-START
    #PROXY-END
    <Directory "E:\wwwroot\floribook\public">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
        DirectoryIndex index.php default.php index.html index.htm default.html default.htm
        
    </Directory>
    ErrorLog "logs/floridict.huatoutiao.com-error.log"
    CustomLog "logs/floridict.huatoutiao.com-access.log" common
</VirtualHost>
#endSite

推薦一個https相關(guān)的資料站 https://github.com/cheaphttps/https-start