response里面的content-type一般是告诉浏览器如何处理收到的数据

下面是nginx默认的配置，content-type 和对应的文件后缀

text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;

text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;

image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;

application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;

application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;

application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;

audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;

video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;

首先生成https证书

# 输入下面命令
openssl genrsa -out server.key 1024

# 生成服务器证书（主要是要填写Common Name ，就是你的ip或者域名）
openssl req -new -key server.key -out server.csr

# 对证书签名
openssl x509 -req  -days 365 -sha256 -in server.csr -signkey server.key -out servernew.crt

配置nginx

server {

listen 443 ssl;

server_name 你的域名;

index index.html index.htm index.php;

ssl on;
ssl_certificate /var/web/ssl/servernew.crt;
ssl_certificate_key /var/web/ssl/server.key;

}

出于安全性考虑，我们应该为我们的网站配置https支持，一般来说https证书都需要钱买，但是Let’s Encrypt却免费提供https证书给我，只不过每三个月就需要重新生成。

下面给出生成证书的命令（注意域名要绑定到执行这句命令的服务器，blog.yubang.app改成自己的域名）

docker run --rm -p 80:80 -p 443:443 -v /etc/letsencrypt:/etc/letsencrypt quay.io/letsencrypt/letsencrypt auth --standalone -m yubang@yubangweb.com --agree-tos -d blog.yubang.app

由于上面的命令使用到docker，请先安装。并且可能国外的镜像下载比较慢，所以同步了镜像到腾讯云，所以也可以执行下面的命令

docker run --rm -p 80:80 -p 443:443 -v /etc/letsencrypt:/etc/letsencrypt quay.io/letsencrypt/letsencrypt auth --standalone -m yubang@yubangweb.com --agree-tos -d blog.yubang.app

生成了证书之后，当然就是配置nginx了，给出配置（blog.yubang.app改成自己的域名）

server {
listen 80;
listen 443 ssl;
server_name blog.yubang.app;

ssl_certificate /etc/letsencrypt/live/blog.yubang.app/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.yubang.app/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/blog.yubang.app/chain.pem;

location / {

}

}

我们先看一个场景，假如有服务器A和服务器B，两台服务器上都有nginx，然后WordPress部署在服务器B上。浏览器通过https访问服务器A，然后服务器A与服务器B的通讯是基于http协议的。然后这个时候我们就会发现，WordPress的静态资源都会走http协议，这个时候我们该如何处理呢，很简单，只需要修改服务器B的nginx配置即可。

配置如下：

server{
listen 10000;
index index.html index.htm index.php;
root /var/web/blog;

location / {

}
location ~ .php$ {
fastcgi_param HTTPS on;
fastcgi_param HTTP_HOST 'blog.yubang.app';

fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}