This document uses the third-party developer domain name http://www.example.com
as an example. The following two cases may arise:
The third-party developer already has a certificate issued by an authoritative third party.
www.example.com.crt
issued by and the private key www.example.com.key
assigned by the authoritative third party for www.example.com
. Note that the certificate must be issued by an authoritative third party, such as Topway or GlobalSign.The third-party developer sends an application to IM, requesting IM to issue a certificate for its domain name.
www.example.com
, in the console.www.example.com.crt
and assigns the private key www.example.com.key
to the developer with the domain name www.example.com
. The developer can download the certificate from the console.www.example.com.crt
, www.example.com.key
, and TencentQQAuthCA.crt
to the conf folder under the Nginx installation directory.server {
listen 443 ssl;
ssl_protocols TLSv1 TLSv1.1;
server_name www.example.com; # Domain name
ssl_certificate www.example.com.crt; # Certificate issued by Tencent to the third party
ssl_certificate_key www.example.com.key; # Private key paired with the certificate
ssl_verify_client on; # Verify the request source
ssl_client_certificate TencentQQAuthCA.crt; # CA certificate authenticated by Tencent
location / {
root html;
index index.html index.htm;
}
}
Was this page helpful?