1.linux下nginx监听3001端口,此时访问的地址是:https://www.xxxx.com:3001
如果监听的是443 访问地址是 https://www.xxxx.com
server {
listen 3001 ssl;
server_name www.xxxx.com;
#root html;
index index.html index.htm;
ssl_certificate /xxx/xxxx/xxxx.pem; #需要将cert-file-name.pem替换成已上传的证书文件的名称。与windows不同Linux是从根路径下开始写/xxx/xxxx/xxxx.pem
ssl_certificate_key /xxx/xxxx/xxxx.key; #需要将cert-file-name.key替换成已上传的证书私钥文件的名称。
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#servlet:
#context-path: /content
# content是后台java项目中yml文件配置的
location ^~ /content {
proxy_pass http://xxxx.xxxx.xxx.xx:port/content/; # 内网IP,port是后台端口
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#静态资源
location / {
root /xxxx/xxxxx; #静态资源所在文件夹从根路径开始
index index.html index.htm;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.html?s=$1 last;
break;
}
}
}
2windows下nginx监听443端口,此时使用https://www.xxx.com
server {
listen 443 ssl;
server_name www.xxx.com;
#root html;
index index.html index.htm;
ssl_certificate cert/xxxxx.pem; #cert在nginx的conf文件夹下
ssl_certificate_key cert/xxxxx.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#servlet:
#context-path: /content
# content是后台java项目中yml文件配置的
location ^~ /content {
proxy_pass http://xxxx.xxx.xxx.xx:port/content/; # 内网IP
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#静态文件在nginx的xxxx文件夹下
location / {
root xxxx; #与nginx中html文件夹同级的xxxx文件夹
index index.html index.htm;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.html?s=$1 last;
break;
}
}
}