ssl lnmp下配置

server
	{
		listen 80;
        listen 443;
		#listen [::]:80 default ipv6only=on;
		server_name www.yetyun.com yetyun.com;
        ssl on;
		index index.html index.htm index.php;
		root  /home/wwwroot/blog;
    	ssl_certificate   /usr/local/nginx/conf/cert/www_yetyun_com.pem;
        ssl_certificate_key  /usr/local/nginx/conf/cert/www_yetyun_com.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;



		#error_page   404   /404.html;
		location ~ [^/]\.php(/|$)
			{
				# comment try_files $uri =404; to enable pathinfo
				try_files $uri =404;
				fastcgi_pass  unix:/tmp/php-cgi.sock;
				fastcgi_index index.php;
				include fastcgi.conf;
				include pathinfo.conf;

			}

if (!-e $request_filename)
{
          #地址作为将参数rewrite到index.php上。
            rewrite ^/(.*)$ /index.php/$1;

}

		location /nginx_status {
			stub_status on;
			access_log   off;
		}


		location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
			{
				expires      30d;
			}

		location ~ .*\.(js|css)?$
			{
				expires      12h;
			}

		access_log  /home/wwwroot/blog/logs/access.log  access;
	}

	





	





	//ssl lnmp下配置