当前位置:首页 > 编程语言 > Nginx配置https

Nginx配置https

2021-05-05 14:28

阅读:451

标签:ted   端口   _for   示例   col   ssl   tlsv1   task   add   

示例

worker_processes 1;

events {
  worker_connections 1024;
}

http {

  upstream demo{
    server localhost:55328;
  }

  include mime.types;
  default_type application/octet-stream;

  sendfile on;
  keepalive_timeout 65;

  client_max_body_size 500m;
  map $http_upgrade $connection_upgrade {
    default upgrade;
  }
#访问80端口,重定向到https
  server {
    listen 80;
    server_name [server_name];
    rewrite ^(.*)$ https://${server_name}$1 permanent;
  }

  server {
    listen 80;
    server_name [server_name];
    rewrite ^(.*)$ https://${server_name}$1 permanent;
  }

  server {
    listen 80;
    server_name [server_name];
    rewrite ^(.*)$ https://${server_name}$1 permanent;
  }

  server {
    listen 443 ssl;
    server_name [server_name];
    
    #ssl_certificate ssl/[server_name].pem; # 指定证书的位置,绝对路径
    #ssl_certificate_key ssl/[server_name].key; # 绝对路径,同上 
    #ssl_trusted_certificate ./ssl/[server_name].cer;
   
    ssl_certificate         ./ssl/fullchain.cer; 
    ssl_certificate_key     ./ssl/[server_name].key;

    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
    ssl_prefer_server_ciphers on;

    proxy_set_header    Host                 $host;
    proxy_set_header    X-Real-IP             $remote_addr;
    proxy_set_header    X-Forwarded-For       $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto     $scheme;

    location / {
      proxy_connect_timeout 1;
      proxy_pass http://localhost:50852;
    }
    location /NotiHub {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_pass http://localhost:50852/NotiHub;
    }
    location /TaskLogHub {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_pass http://localhost:50852/TaskLogHub;
    }
    location = /50x.html {
      root html;
    }
    error_page 404 500 502 503 504 /50x.html;
  }
}

配置说明

#转发Tcp
stream {
    proxy_timeout 30m;
    server {
        listen 8080;
        proxy_pass localhost:55328;
    }
}
#使用 WebSocket 需要添加以下配置
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
#使用 SSE 需要添加以下配置
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;

proxy_set_header Connection;
chunked_transfer_encoding off;
proxy_cache off;

Nginx配置https

标签:ted   端口   _for   示例   col   ssl   tlsv1   task   add   

原文地址:https://www.cnblogs.com/ysmc/p/12107295.html

上一篇:web 报表中电子图章 / 水印的轻松实现

下一篇:HTTP协议

文章来自:搜素材网编程语言模块,转载请注明文章出处。
文章标题:Nginx配置https
文章链接:http://soscw.com/index.php/essay/82774.html

评论

亲,登录后才可以留言!

热门文章

推荐文章

最新文章

置顶文章

关于我们 | 版权声明 | 常见问题 | 素材投稿 | 联系我们 | 网站地图 |
搜素材网素材除本站原创外均由用户分享,若发现权利被侵害,请联系及时联系我们,我们会在第一时间进行处理。
特别说明:本站所有资源除本站原创外仅供学习与参考,请勿用于商业用途,如有侵犯您的版权请联系客服服务QQ:点击这里给我发消息
Copyright © 2024 soscw.com 搜素材网素材网版权所有 蜀ICP备18015633号-1