nginx配置 一个tomcat对应多个项目

1.安装Openssl 生成证书

下载地址 https://www.openssl.org/source/

csdn下载地址 https://download.csdn.net/download/heidou_2016/10731481

2.配置环境变量

  在环境变量中添加环境变量

    变量名: OPENSSL_HOME            变量值:C:\OpenSSL-Win32\bin;        (变量值为openssl安装位置)

    在path变量结尾添加如下 : %OPENSSL_HOME%;

3.生成证书

(1) 首先在 nginx安装目录中创建ssl文件夹用于存放证书。比如我的文件目录为 C:\wnmp\nginx\ssl

     以管理员身份进入命令行模式,进入ssl文件夹。 命令为: cd  D:\tools\nginx-1.8.1\ssl

(2) 创建私钥

     在命令行中执行命令: openssl genrsa -des3 -out gateway.key 1024     gateway文件名可以自定义)

(3)创建csr证书

     在命令行中执行命令:  openssl req -new -key gateway.key -out gateway.csr    (key文件为刚才生成的文件,gateway为自定义文件名)

(4)去除密码。

     在加载SSL支持的Nginx并使用上述私钥时除去必须的口令,否则会在启动nginx的时候需要输入密码。

     复制lee.key并重命名为lee.key.org 

     可以使用此命令行,也可以使用鼠标操作     copy gateway.key gateway.key.org

     去除口令,在命令行中执行此命令:  openssl rsa -in gateway.key.org -out gateway.key  gateway为自定义文件名)

     如下图所示,此命令需要输入刚才设置的密码。

(5)生成crt证书

     在命令行中执行此命令: openssl x509 -req -days 365 -in lee.csr -signkey gateway.key -out lee.crt  gateway为自定义文件名 365为有效日期 单位天)

4.nginx.conf 配置

#user  nobody;
worker_processes  1;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
	server_names_hash_bucket_size  64;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    gzip  on;
    server {
        listen       18099;
        server_name  localhost;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        location / {
            root   html;
            index  index.html index.htm;
        }
        #error_page  404              /404.html;
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
	
	upstream TCompensatory {   
        server 127.0.0.1:8080;   
    }
	upstream TGateway {   
        server 127.0.0.1:8080;   
    }
	upstream TReBorrow {   
        server 127.0.0.1:8080;   
    }
	upstream TRegManager {   
        server 127.0.0.1:8080;   
    }
	upstream TReRey {   
        server 127.0.0.1:8080;   
    }
	
	include vhosts/TCompensatory/*;
	include vhosts/TGateway/*;
	include vhosts/TReBorrow/*;
	include vhosts/TRegManager/*;	
	include vhosts/TReRey/*;
	
}

vhost 里面文件配置

	server
        {
        listen       80;
        server_name   deposlendmanagerboss.dafy.com.cn;
        index index.htm index.html index.jsp login.htm main.htm foot.htm top.htm mobile.htm;
        root  D:/workspace/1016/DEPOSLendManager/target/DEPOSLendManager;
        charset utf-8;

        if (-d $request_filename)
                {
                        rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
                }
        location ~ ^/(manager|ROOT)/
                {
                        deny all;
                }
		location ~ ^/3/
		{
				proxy_set_header  Host $host:$server_port;
				proxy_set_header  X-Real-IP  $remote_addr;
				proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
				proxy_pass http://TRegManager;
		}
        location  /
                {
                        proxy_set_header  Host $host:$server_port;
                        proxy_set_header  X-Real-IP  $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_pass http://TRegManager/3/;
                }
        location ~ ^/(WEB-INF)/
                {
                        deny all;
                }
        location ~ \.(gif|jpg|jpeg|swf|png|bmp|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|xlsx|mp3|wma|apk|ipa)?$
                {
                        expires      1d;
                }
        location ~ \.(js|css)?$
                {
                        expires      1h;
                }
        }


      server
        {
        listen       443;
        server_name   deposlendmanagerboss.dafy.com.cn;
        index index.htm index.html index.jsp login.htm main.htm foot.htm top.htm mobile.htm;
        root  D:/workspace/1016/DEPOSLendManager/target/DEPOSLendManager;
        charset utf-8;

		ssl                  on;
        ssl_certificate      D:/tools/nginx-1.8.1/ssl/lifes.crt;
        ssl_certificate_key  D:/tools/nginx-1.8.1/ssl/lifes.key;
        ssl_session_timeout  5m;
        ssl_protocols TLSv1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers   on;

        location ~ ^/(manager|ROOT)/
                {
                        deny all;
                }
		location ~ ^/3/
                {
                        proxy_set_header  Host $host:$server_port;
                        proxy_set_header  X-Real-IP  $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_pass http://TRegManager;
                }
        location  /
                {
                        proxy_set_header  Host $host:$server_port;
                        proxy_set_header  X-Real-IP  $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_pass http://TRegManager/3/;
                }
        location ~ ^/(WEB-INF)/
                {
                        deny all;
                }
        location ~ \.(gif|jpg|jpeg|swf|png|bmp|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|xlsx|mp3|wma|apk|ipa)?$
                {
                        expires      1d;
                }
        location ~ \.(js|css)?$
                {
                        expires      1h;
                }
        }


5.nginx 起停

启动 :windows下直接点击nginx.exe 启动nginx

停止:.\nginx.exe -s stop

重启:.\nginx.exe -s reload

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值