• Centos Nginx SSL 配置

    Nginx 配置 SSL

    1.下载SSL证书
    在这里插入图片描述
    .crt 和 .key文件

    2.创建和上传证书

    mkdir -p /etc/nginx/cert
上传证书

    3.nginx.conf配置

    # For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
    
    include /etc/nginx/conf.d/*.conf;
    
    server {
	listen 80;
        server_name baiduX.com www.baiduX.com;
        return 301 https://$server_name$request_uri;  
    }

    server {

 	listen 443 ssl;
        server_name meteor;
        # 证书配置
        ssl_certificate /etc/nginx/cert/server.crt;
        ssl_certificate_key /etc/nginx/cert/server.key;
        ssl_session_cache shared:sslcache:20m;
        ssl_session_timeout 10m;

        error_page 497 301 =307 https://$host:$server_port$request_uri;

        location / {
            root /mnt/data/meteor/html;
            index index.html index.htm;
			try_files $uri $uri/ /index.html;
        }
	   location /Galaxys/ {

			proxy_pass http://127.0.0.1:6012/Galaxys/;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Host  $host;
			proxy_set_header X-Forwarded-Port 6012;
			proxy_set_header Host $host:6012;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_http_version 1.1;
			proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection "Upgrade";
			access_log off;
			client_max_body_size 1024m;
        }
		
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen 3461 ssl;
        server_name baudu;
        ssl_certificate /etc/nginx/cert/server.crt;
        ssl_certificate_key /etc/nginx/cert/server.key;
        ssl_session_cache shared:sslcache:20m;
        ssl_session_timeout 10m;

        location / {
            root   /mnt/data/comet/dist;
            index  index.html index.htm;
			try_files $uri $uri/ /index.html;
        }

        location /Galaxys/ {
			proxy_pass http://127.0.0.1:6905/Galaxys/;
               }
    }
    
    server {
        listen 4901 ssl;
        server_name dure;
        ssl_certificate /etc/nginx/cert/server.crt;
        ssl_certificate_key /etc/nginx/cert/server.key;
        ssl_session_cache shared:sslcache:20m;
        ssl_session_timeout 10m;

        location / {
            root   /mnt/data/stellar/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }

		location /Galaxys/ {
           proxy_pass https://www.uyi.com/Galaxys/;
		}
    } 

    server {
        listen 8901 ssl;
        server_name supplier;
        ssl_certificate /etc/nginx/cert/server.crt;
        ssl_certificate_key /etc/nginx/cert/server.key;
        ssl_session_cache shared:sslcache:20m;
        ssl_session_timeout 10m;

        location / {
            root   /mnt/data/supplier/dist-dev;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }

		location /Galaxys/ {
           proxy_pass https://iop.com/Galaxys/;
		}
    }
    
    server {
        listen 8718 ssl;
        server_name byu;
        ssl_certificate /etc/nginx/cert/server.crt;
        ssl_certificate_key /etc/nginx/cert/server.key;
        ssl_session_cache shared:sslcache:20m;
        ssl_session_timeout 10m;

        client_max_body_size 1280m;
		proxy_read_timeout 600;

        error_page 497 301 =307 https://$host:$server_port$request_uri;

		location / {
			proxy_pass http://127.0.0.1:8010;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Host  $host;
			proxy_set_header X-Forwarded-Port 8011;
			proxy_set_header Host $host:8011;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_http_version 1.1;
			proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection "Upgrade";
			access_log off;

		}
		# You may need this to prevent return 404 recursion.
		location = /404.html {
				internal;
		}
    }
}

    cd /etc/nginx
service nginx restart
或
systemctl restart nginx.service

    在这里插入图片描述

  • 相关阅读:
    iview项目中,radio选中值回显问题
    聊聊logback的LevelFilter
    MATLAB基础应用精讲-【基础知识篇】MATLAB程序优化-通过Profiler进行程序运行分析
    神经网络基础理论
    工具篇--分布式定时任务springBoot 整合 elasticjob使用(3)
    垃圾回收与算法
    【无标题】
    Postgresql实验系列(3)最简脏读插件
    Linux入门教程:P13->磁盘管理类
    【电路基础1】电阻
  • 原文地址:https://blog.csdn.net/weixin_42512282/article/details/140041088