nginx中如何配置ssl证书及springboot项目

最新推荐文章于 2024-08-08 15:34:27 发布

穆雄雄

最新推荐文章于 2024-08-08 15:34:27 发布

阅读量195

点赞数 1

分类专栏：实施/运维运维小鱼早晚安打卡文章标签： nginx ssl spring boot

本文链接：https://blog.csdn.net/qq_34137397/article/details/140450846

版权

实施/运维同时被 3 个专栏收录

47 篇文章 0 订阅

订阅专栏

运维

32 篇文章 0 订阅

订阅专栏

小鱼早晚安打卡

17 篇文章 0 订阅

订阅专栏

##red##
🔴
大家好，我是雄雄，欢迎关注微信公众号，雄雄的小课堂。

前言

每次发布新项目，都要去宝塔里面把原来的nginx配置信息拷贝过来，然后在改改，这次在这边做个记录

ssl证书的配置

1.这种是多个域名直接指向一个地址的

##博客项目
     server {
        listen       80;
        listen       443 ssl http2;
        server_name  xxx.com;
        gzip on;
         gzip_vary on;
         gzip_comp_level 9;
         gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
         gzip_disable "MSIE [1-6]\.";
       gzip_min_length 2048;
        
        if ($server_port !~ 443){
            rewrite ^(/.*)$ https://$host$1 permanent;
        }
        
        #证书地址
        ssl_certificate      /home/project/https/xxx.com.team_bundle.pem;
        ssl_certificate_key   /home/project/https/xxx.com.team.key;
        ssl_prefer_server_ciphers on;
 
       location / {
            root   /home/project/blog/web/web/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        
        location /admin {
            alias   /home/project/blog/web/admin/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        
        #公众号小游戏
        location /games {
            alias   /home/project/blog/web/games/fxq;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
       
        ##后台接口
        location ^~ /shiyi/ {
            proxy_pass http://127.0.0.1:8800;
            proxy_connect_timeout 300s;
            proxy_send_timeout 300s;
            proxy_read_timeout 300s;
        }
        
        ##内网穿透
        location ^~ /shiyi-local/ {
            ##proxy_pass http://127.0.0.1:6000/shiyi/;
            proxy_connect_timeout 300s;
            proxy_send_timeout 300s;
            proxy_read_timeout 300s;
        }
        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    ## server结束

2.这种是单个域名指向一个前端文件

##博客项目
     server {
        listen       80;
        listen       443 ssl http2;
        server_name  xxx.com;
        gzip on;
         gzip_vary on;
         gzip_comp_level 9;
         gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
         gzip_disable "MSIE [1-6]\.";
       gzip_min_length 2048;
        
        if ($server_port !~ 443){
            rewrite ^(/.*)$ https://$host$1 permanent;
        }
        
        #证书地址
        ssl_certificate      /home/project/https/88688.xxx.com.pem;
        ssl_certificate_key   /home/project/https/xxx.com.team.key;
        ssl_prefer_server_ciphers on;
 
       location / {
            root   /home/project/blog/web/web/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        
        location /admin {
            alias   /home/project/blog/web/admin/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        
        #公众号小游戏
        location /games {
            alias   /home/project/blog/web/games/fxq;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
       
        ##后台接口
        location ^~ /shiyi/ {
            proxy_pass http://127.0.0.1:8800;
            proxy_connect_timeout 300s;
            proxy_send_timeout 300s;
            proxy_read_timeout 300s;
        }
        
        ##内网穿透
        location ^~ /shiyi-local/ {
            ##proxy_pass http://127.0.0.1:6000/shiyi/;
            proxy_connect_timeout 300s;
            proxy_send_timeout 300s;
            proxy_read_timeout 300s;
        }
        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    ## server结束

3.这种得是crt文件和pem文件


##小鱼早晚安打卡小程序
     server {
        listen       80;
        listen       443 ssl http2;
        server_name  xcx.xxx.com.team;
        
        if ($server_port !~ 443){
            rewrite ^(/.*)$ https://$host$1 permanent;
        }
        
        #证书地址
        ssl_certificate      /home/project/blog/https/fullchain.crt;
        ssl_certificate_key   /home/project/blog/https/private.pem;
        ssl_prefer_server_ciphers on;
 
        location / {
            root   /home/project/blog/web/web/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        
        location /admin {
            alias   /home/project/blog/web/admin/dist;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
        ##后台接口
        location ^~ /shiyi/ {
            proxy_pass http://127.0.0.1:8800;
            proxy_connect_timeout 300s;
            proxy_send_timeout 300s;
            proxy_read_timeout 300s;
            
        }
    }

普通http的配置


 ##机器人服务端
     server {
        listen       80;
        server_name  bot.xxx.com.team;
        
       location / {
          root /home/project/wechatbot/dist;
    			try_files $uri $uri/ /index.html;
          index  index.html index.htm;
      }
          
      location ^~ /prod-api/ {
    			proxy_pass http://127.0.0.1:8900/;
    			proxy_connect_timeout 300s;
    			proxy_send_timeout 300s;
    			proxy_read_timeout 300s;
    	}
    	 #词云地址
        location /ciyun {
            alias   /home/project/fastapi/ciyun;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
       }