Nginx配置ssl
nginx配置ssl实现https加密,主要是配置nginx.conf
1.编辑nginx.conf
vi /usr/local/nginx/sbin/nginx.conf
2.找到你要配置的server,按以下结构编辑(http会强制转换https)。
server { listen 80; listen 443 ssl; server_name www.demo.com demo.com; ssl_certificate /usr/local/ssl/demo.crt; ssl_certificate_key /usr/local/ssl/demo.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; if ($server_port = 80 ) { return 301 https://$host$request_uri; } proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } #让http请求重定向到https请求 error_page 497 https://$host$request_uri; error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
1.listen:端口号(http默认80),而https则是443 ssl
2.server_name:你要配置的域名(默认localhost)
3.ssl_certificate 和ssl_certificate_key则是你的域名相关的证书和秘钥
4.location / 要匹配的路径,/全路径,proxy_pass 是跳转的地址(localhost可能解析不了,可以写成127.0.0.1)
原文链接:https://blog.csdn.net/zhongjianboy/article/details/127771992
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END