关于https工程的简单nginx的简单配置

Posted daidao

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了关于https工程的简单nginx的简单配置相关的知识,希望对你有一定的参考价值。

1.下载域名的ssl证书,由于项目部署在阿里云上,就用了阿里推荐的赛门铁克,用Let‘s Encrypt的也不错。

2.nginx的配置如下:

worker_processes  8;

error_log  error.log;


events {
    worker_connections  1024;
}


http{
    server_tokens off;
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  ‘$remote_addr - $remote_user [$time_local] "$request" ‘
                      ‘$status $body_bytes_sent "$http_referer" ‘
                      ‘"$http_user_agent" "$http_x_forwarded_for"‘;

    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    
  #工程1 upstream project1_http{ #工程1端口 server ip地址:8190; } upstream project2_http{ #工程2端口 server ip地址:8089; } server { listen 80; server_name website_http; charset utf-8; access_log logs/web.log;
     //域名后子访问名 location /project1/ { proxy_pass http://project1_http/; proxy_redirect off; proxy_intercept_errors on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100M; proxy_connect_timeout 300s; proxy_read_timeout 300s; proxy_send_timeout 300s; proxy_buffer_size 64k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #proxy_redirect default; } location /project2/ { proxy_pass http://project2_http/; proxy_redirect off; proxy_intercept_errors on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100M; proxy_connect_timeout 300s; proxy_read_timeout 300s; proxy_send_timeout 300s; proxy_buffer_size 64k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #proxy_redirect default; } }
  #项目使用到了腾讯云的对象存储功能,用于存储图片、视频 upstream cos-auth-server{ #鉴权443口 server ip地址:33575; } upstream project2_https{ #项目443口 server ip地址:8089; } server { listen 443; server_name website_https; ssl on; ssl_certificate cert/证书.pem; ssl_certificate_key cert/证书.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL; ssl_prefer_server_ciphers on; location /cosauth/ { proxy_pass http://cos-auth-server/; proxy_redirect off; proxy_intercept_errors on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100M; proxy_connect_timeout 300s; proxy_read_timeout 300s; proxy_send_timeout 300s; proxy_buffer_size 64k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #proxy_redirect default; } location /project2/ { proxy_pass http://project2_https/; proxy_redirect off; proxy_intercept_errors on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100M; proxy_connect_timeout 300s; proxy_read_timeout 300s; proxy_send_timeout 300s; proxy_buffer_size 64k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #proxy_redirect default; } } }

 




以上是关于关于https工程的简单nginx的简单配置的主要内容,如果未能解决你的问题,请参考以下文章

nginx简单代理配置

nginx 简单配置

【nginx】关于nginx返回json或者文本格式的配置方法

nginx配置二级域名以及ssl证书,真的很简单

Nginx的简单配置

基于mykernel的一个简单的时间片轮转多道程序内核代码分析