Nginx-白红宇

Nginx

阅读量：790 次

发布时间：2023-02-15

本文共 2633 字，大约阅读时间需要 8 分钟。

Nginx+SpringBoot配置SSL证书，实现https访问

配置步骤

获取域名并申请SSL证书

首先需拥有域名，将其解析到服务器，申请与域名匹配的SSL证书。

安装Nginx并开放443端口

Nginx默认HTTP端口为80，HTTPS端口为443。安装完成后确保服务器开放443端口。

通过SSH连接服务器并修改Nginx配置

打开终端访问服务器，修改nginx.conf文件，完成HTTPS配置。

重新启动Nginx完成配置

修改完成后，输入命令sudo systemctl restart nginx使新配置生效。

Nginx配置示例

# HTTPS配置server {    listen 443 ssl;    server_name www.haore.top;    keepalive_timeout 10m;    ssl_certificate /home/jar/www.pem;    ssl_certificate_key /home/jar/www.key;    ssl_session_timeout 24h;    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    ssl_prefer_server_ciphers on;    location / {        proxy_pass http://127.0.0.1:8288;        proxy_redirect off;        proxy_set_header Host $host;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_set_header X-Forwarded-Proto $scheme;    }}

反向代理HTTP配置示例

server {    listen 80;    server_name zcxcs.haore.top;    location / {        add_header 'Access-Control-Allow-Origin' $http_origin;        add_header 'Access-Control-Allow-Credentials' 'true';        add_header 'Access-Control-Allow-Methods' '*';        add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,U-TOKEN,E-TOKEN,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';        if ($request_method = 'OPTIONS') {            add_header 'Access-Control-Allow-Origin' $http_origin;            add_header 'Access-Control-Allow-Credentials' 'true';            add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS';            add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,U-TOKEN,E-TOKEN,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';            add_header 'Access-Control-Max-Age' 1728000;            add_header 'Content-Type' 'text/plain; charset=utf-8';            add_header 'Content-Length' 0;            return 204;        }        proxy_pass http://localhost:8288;        proxy_set_header Host $host;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_set_header X-Forwarded-Proto $scheme;        proxy_connect_timeout 5;    }}

转载地址：http://macfk.baihongyu.com/

你可能感兴趣的文章

Netty工作笔记0072---Protobuf内容小结

查看>>

Netty工作笔记0073---Neety的出站和入站机制

查看>>

Netty工作笔记0074---handler链调用机制实例1

查看>>

Netty工作笔记0075---handler链调用机制实例1

查看>>

Netty工作笔记0076---handler链调用机制实例3

查看>>