目录
前置条件
已申请域名包括备案成功SSL证书已获得Nginx部署方式为源码部署,不会的请参考Linux安装nginx - star-xin - 博客园nginx已加载SSL模块,不会的请参考nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/nginx/conf/nginx.conf:37 - ノGHJ - 博客园nginx.conf正文(直接复制粘贴)
改成自己域名、要转发的http地址
#usernobody; worker_processes1; #error_loglogs/error.log; #error_loglogs/error.lognotice; #error_loglogs/error.loginfo; #pidlogs/nginx.pid; events { worker_connections1024; } http { include mime.types; default_typeapplication/octet-stream; client_max_body_size5000m; #log_formatmain$remote_addr - $remote_user [$time_local] "$request" #$status $body_bytes_sent "$http_referer" #"$http_user_agent" "$http_x_forwarded_for"; #access_loglogs/access.logmain; sendfileon; #tcp_nopush on; #keepalive_timeout0; keepalive_timeout65; #gzipon; # Tomcat upstream appServer { server 127.0.0.1:8080 weight=4; } server { listen 80; # listen somename:8080; server_name域名; rewrite ^(.*) https://$host$1 permanent; } server { listen443 ssl; # https443 charset utf-8; server_name 域名; # host_name of URL #https #ssl on; ssl_certificate 证书地址.pem; ssl_certificate_key 证书地址.key; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #httpsTomcat Tomcathttp proxy_set_header X-Forwarded-Proto $scheme; #Tomcat proxy_pass 自己的http请求; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { #listen 8000; #listen somename:8080; #server_namesomenamealiasanother.alias; #location / { #root html; #indexindex.html index.htm; #} #} # HTTPS server # #server { #listen 443 ssl; #server_namelocalhost; #ssl_certificatecert.pem; #ssl_certificate_keycert.key; #ssl_session_cacheshared:SSL:1m; #ssl_session_timeout5m; #ssl_ciphersHIGH:!aNULL:!MD5; #ssl_prefer_server_cipherson; #location / { #root html; #indexindex.html index.htm; #} #} }