One of the problems we have to face when making WeChat mini programs is to build a WeChat mini program server, especially the current HTTPS. Because I have always used Alibaba servers, I continued this time to register a domain name and purchase a cloud server ECS on Alibaba Cloud. (Friends who built a WeChat applet server based on Tencent Cloud may not be able to help you much!)
The configuration of ECS is flexible and can be customized according to your needs. Choose a reasonable configuration according to your needs. If you are a beginner and want to learn, just choose the lowest configuration at the beginning.
##Because in the production environment of the mini program, for the sake of safety Consider, if you call the server's REST API or WebSocket, the server must provide a secure link address (such as https://mydomain/myservice, wss://mydomian), that is, you need to use SSL. So we need to purchase a CA certificate and domain name for our server.
It is very convenient to register a domain name on Alibaba Cloud. You can go to https://wanwang.aliyun.com to register one. As for CA certificates, many domestic and foreign institutions provide certificate issuance certification, domestic ones such as WoSign, and foreign ones such as Symantec. This certificate is still a bit expensive. The price varies greatly depending on the different functions of the certificate. The cheapest one is better. Hundreds a year. There are also free certificates available now, such as Let's Encrypt. However, Alibaba Cloud also provides free certificates, which are very convenient to apply for. Let’s take a look at how to apply for a free certificate in Alibaba Cloud.
From the "Products and Services" menu at the top of the Alibaba Cloud page, you can see "CA Certificate Service":
After entering the page, click the "Purchase Certificate" button in the upper right corner of the page to enter the certificate selection interface:
Here you can choose the "Free DV SSL" certificate, buy one of this kind of certificate The certificate can only be valid for one detailed domain name, which means that if you have several sub-domain names, such as blog.mydomain.com, www.mydomain.com, shop.mydomain.com, you need to purchase 3 certificates respectively. After the purchase is completed, you can click "Complete" information in the order list you purchased, enter the domain name to be bound to this certificate, your personal details, etc., and submit it to the issuing agency for review. After the review is completed, you You will also receive an email in the email address filled in with instructions on how to set it up (this email is mainly a setup guide for users whose domain name is not registered with Alibaba Cloud. If the domain name is registered with Alibaba Cloud, a resolution record will be automatically added to your domain name. You don’t need to add it manually).
Then, please click the "Download" certificate file button in the order list to download the certificate file, which contains some certificates for different http servers, such as apache, nginx, IIS, etc., they are used to configure the http server installed on your server.
I installed CentOS on ECS and installed nginx through yum:
Then upload the server certificate to the server, and then configure the nginx.conf file (change the configuration file in the /etc/nginx directory) to support https url access:
<span style="font-size: 14px;">server {<br/> listen 443 ssl http2 default_server;<br/> listen [::]:443 ssl http2 default_server;<br/> server_name _;<br/><br/> root /usr/share/nginx/html;<br/><br/> ssl on;<br/> ssl_certificate "xxxxxx.pem"; #你的证书文件中的pem文件<br/> ssl_certificate_key "xxxxxx.key"; #你的证书文件中的key文件<br/> ssl_session_timeout 5m;<br/> ssl_protocols TLSv1 TLSv1.1 TLSv1.2;<br/> ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;<br/> ssl_prefer_server_ciphers on;<br/><br/> include /etc/nginx/default.d/*.conf;<br/><br/> location / {<br/> }<br/> }<br/></span>
In this way, your http server is configured. Then, in Alibaba Cloud's domain name resolution console, add an A resolution record for your domain name, point your domain name to the public IP address of your ECS server, and that's it.
Then, you can use the URL starting with https to access your http service! This is just a simple start, there are still a lot of server-side development and configuration things waiting for you!
The above are the situations encountered when configuring the https WeChat applet server and Explain in detail!
If you have any questions during the configuration process, you can leave a message here.
For more articles related to building a WeChat applet server (HTTPs), please pay attention to the PHP Chinese website!