最近申请了SSL证书,但是需要保证历史http地址访问依然生效
所以需要在nginx中设置两个server,一个保证http访问从80被转发443,然后强制使用SSL证书加密了
server {
listen 80;
server_name www.test.com;
# permanent是301永久重定向,redirect是302临时重定向
rewrite ^(.*) https://$server_name$request_uri permanent;
}
server {
listen 443;
server_name www.test.com;
ssl on;
# 证书位置
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
# 以下内容是nginx cache,根据你的实际情况配置
location ~ .*\.(gz|jpg|jpeg|png|bmp|ico|js|css)$ {
proxy_cache mycache;
proxy_cache_valid 200 206 304 301 302 10d;
proxy_cache_key $uri;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header Nginx-Cache "$upstream_cache_status";
proxy_pass http://192.168.66.19:8090;
}
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://192.168.66.19:8090;
}
}