nginxでSSL/HTTPS設定をするメモ

サンプルコード:
server {
listen   80;
listen 443 ssl spdy;
server_name www.domain.com;
ssl on;
ssl_certificate sample.net.crt;
ssl_certificate_key sample.net.key;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout  10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE:!kEDH;
ssl_prefer_server_ciphers on;

ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/startssl_trust_chain.crt;
add_header Strict-Transport-Security “max-age=31536000";
resolver 8.8.8.8 8.8.4.4;
location / {
root   html;
index  index.html index.htm;
}
}

Nginx

Posted by arkgame