Nginx

Nginx #

HPPTS签证.mm域名 #

  • 可能要 rm /etc/nginx/sites-enabled/default
IP=10.0.0.1
openssl req -x509 -nodes -not_before 19890604000000Z -not_after 20890604000000Z \
-newkey rsa:2048 -keyout /etc/nginx/mm.key -out /etc/nginx/mm.crt \
-subj "/CN=*.mm" -addext "subjectAltName=DNS:*.mm,IP:$IP"

sudo chmod 600 /etc/nginx/mm.key
sudo chmod 644 /etc/nginx/mm.crt
cp /etc/nginx/mm.crt /var/www/html/

cat > /etc/nginx/sites-enabled/443.conf << 'EOF'
server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/mm.crt;
    ssl_certificate_key /etc/nginx/mm.key;
    location / {
        root /var/www/html;
        index index.nginx-debian.html;
    }
}
EOF

wget https://zian.netlify.app/debian/https.tgz &&\
tar -zxf https.tgz -C /etc/nginx/ &&\
rm https.tgz

vi /etc/nginx/sites-enabled/443.conf

server {
    listen 443 ssl;
    http2 on;
    ssl_certificate /etc/nginx/mm.crt;
    ssl_certificate_key /etc/nginx/mm.key;
    root /var/www/html;
}

8443 # 

server {
	http2 on;
	http3 on;
    listen 8443 ssl;
	listen 8443 quic reuseport;
    ssl_certificate /etc/nginx/mm.crt;
    ssl_certificate_key /etc/nginx/mm.key;
	add_header Alt-Svc 'h3=":8443"; ma=2592000';
    root /var/www/html/;
}