nginx 配置http和https验证
2021-03-21 10:25
标签:gen pass 成功 gzip 发送 info font session read 在腾讯云申请 申请成功后下载到本地,上传到服务器上 假设项目名称为flask_demo vim /etc/nginx/nginx.conf 把证书文件拷贝到demo.d文件夹中 flask_demo配置 监听http和https两个端口 如果htttp访问的时候,报错如下: https: http: 验证: nginx 配置http和https验证 标签:gen pass 成功 gzip 发送 info font session read 原文地址:https://www.cnblogs.com/xiao-apple36/p/12723902.html申请SSL证书
nginx配置
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘
‘$status $body_bytes_sent "$http_referer" ‘
‘"$http_user_agent" "$http_x_forwarded_for"‘;
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
#include /etc/nginx/conf.d/*.conf;
#增加配置文件
include /etc/nginx/demo.d/flask_demo.conf;
}
server {
listen 80 default backlog=2048;
listen 443 ssl;
server_name xx.xx.cn; #你自己的域名
#证书文件名称
ssl_certificate demo.d/1_xx.xx.cn_bundle.crt; #你自己的证书
#私钥文件名称
ssl_certificate_key demo.d/xx.xx.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
charset UTF-8;
access_log /var/log/nginx/myweb_access.log;
error_log /var/log/nginx/myweb_error.log;
client_max_body_size 75M;
location / {
try_files $uri @yourapplication1;
}
location @yourapplication1 {
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/data/www/logs/demo.sock;
uwsgi_read_timeout 1800;
uwsgi_send_timeout 300;
}
}
The plain HTTP requset was sent to HTTPS port. Sorry for the inconvenience.
……验证
HTTP 自动跳转 HTTPS 的安全配置
server {
#listen 80 default backlog=2048;
listen 443 ssl;
server_name xx.xx.cn;
#证书文件名称
ssl_certificate demo.d/1_xx.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key demo.d/2_xx.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
charset UTF-8;
access_log /var/log/nginx/myweb_access.log;
error_log /var/log/nginx/myweb_error.log;
client_max_body_size 75M;
location / {
try_files $uri @yourapplication1;
}
location @yourapplication1 {
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/data/www/logs/demo.sock;
uwsgi_read_timeout 1800;
uwsgi_send_timeout 300;
}
}
server {
listen 80;
server_name xx.cn; #你自己的域名
rewrite ^(.*) https://xx.cn$1 permanent;#把http的域名请求转成https
}
下一篇:ajax 入门