kkviewfile 实现nginx反向代理+https

Stu-Van

已于 2022-09-09 10:55:53 修改

阅读量6.1k

点赞数 11

分类专栏：分享文章标签： nginx https

于 2022-07-29 17:03:40 首次发布

本文链接：https://blog.csdn.net/qq_41941256/article/details/126059262

版权

分享专栏收录该内容

7 篇文章 0 订阅

订阅专栏

1.配置nginx文件，我这里是使用腾讯云申请的https

    server {
        #SSL 访问端口号为 443
        listen 443 ssl; 
 		# listen 80; 
        #填写绑定证书的域名
        server_name  xx; 
        #证书文件名称
        ssl_certificate  /etc/nginx/conf/certificate/你的证书.crt; 
        #私钥文件名称
        ssl_certificate_key  /etc/nginx/conf/certificate/你的证书.key; 
        ssl_session_timeout 5m;
        #请按照以下协议配置
        ssl_protocols TLSv1.2 TLSv1.3; 
        #请按照以下套件配置，配置加密套件，写法遵循 openssl 标准。
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
        ssl_prefer_server_ciphers on;
       
			location /preview{
			        proxy_set_header Host $host;  
					proxy_set_header X-Real-IP $remote_addr;  
					proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
					# 本地运行的kkFileView的地址
					proxy_pass http://127.0.0.1:8012;
			  }
        }

2.修改kkfileview的application.properties配置

server.servlet.context-path= /preview/
base.url= https://你的域名/preview/

3.重启，访问路径

https://你的路径/preview/onlinePreview?url=xxx

3.1 如果访问出错，并且报错信息是下图

在这里插入图片描述

两种解决方案
第一用我打包好的jar，下载替换就行
代码是 2021年7月6日，v4.0.0 版本
下载地址：链接: https://pan.baidu.com/s/1yqJDa75tokAWQhn_tfCOmA?pwd=ribv 提取码: ribv

第二你自己在gitee拉取代码进行处理

如果拉取中报错
error: RPC failed； curl 18 transfer closed with outstanding read data remaining error: 2406 bytes of
原因：缓存区溢出curl的postBuffer的默认值太小，需要增加缓存

使用git命令增大缓存（单位是b，524288000B也就500M左右）
git config --global http.postBuffer 524288000
使用git config --list查看是否生效

2.1新增工具类

package cn.keking.utils;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.net.ssl.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * @Author: 
 * @Create: 2022/7/29 16:31
 */

public class SslUtils {
    private final static Logger logger = LoggerFactory.getLogger(SslUtils.class);

    private static void trustAllHttpsCertificates() throws Exception {
        TrustManager[] trustAllCerts = new TrustManager[1];
        TrustManager tm = new miTM();
        trustAllCerts[0] = tm;
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    }

    static class miTM implements TrustManager, X509TrustManager {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public boolean isServerTrusted(X509Certificate[] certs) {
            return true;
        }

        public boolean isClientTrusted(X509Certificate[] certs) {
            return true;
        }

        public void checkServerTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }
    }

    /**
     * 忽略HTTPS请求的SSL证书，必须在openConnection之前调用
     * @throws Exception
     */
    public static void ignoreSsl(){
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String urlHostName, SSLSession session) {
                return true;
            }
        };
        try {
            trustAllHttpsCertificates();
        } catch (Exception e) {
            e.printStackTrace();
            logger.error("忽略https失败");
        }
        HttpsURLConnection.setDefaultHostnameVerifier(hv);
    }
}

2.2打开DownloadUtils找到ReturnResponse并替换

 /**
     * @param fileAttribute fileAttribute
     * @param fileName      文件名
     * @return 本地文件绝对路径
     */
    public static ReturnResponse<String> downLoad(FileAttribute fileAttribute, String fileName) {
       String urlStr = fileAttribute.getUrl().replaceAll("\\+", "%20");
        ReturnResponse<String> response = new ReturnResponse<>(0, "下载成功!!!", "");
        String realPath = DownloadUtils.getRelFilePath(fileName, fileAttribute);
        try {
            URL url = WebUtils.normalizedURL(urlStr);
            SslUtils.ignoreSsl();
            if (!fileAttribute.getSkipDownLoad()) {
                if (isHttpUrl(url)) {
                    File realFile = new File(realPath);
                    FileUtils.copyURLToFile(url, realFile);
                } else if (isFtpUrl(url)) {
                    String ftpUsername = WebUtils.getUrlParameterReg(fileAttribute.getUrl(), URL_PARAM_FTP_USERNAME);
                    String ftpPassword = WebUtils.getUrlParameterReg(fileAttribute.getUrl(), URL_PARAM_FTP_PASSWORD);
                    String ftpControlEncoding = WebUtils.getUrlParameterReg(fileAttribute.getUrl(), URL_PARAM_FTP_CONTROL_ENCODING);
                    FtpUtils.download(fileAttribute.getUrl(), realPath, ftpUsername, ftpPassword, ftpControlEncoding);
                } else {
                    response.setCode(1);
                    response.setMsg("url不能识别url" + urlStr);
                }
            }
            response.setContent(realPath);
            response.setMsg(fileName);
            return response;
        } catch (IOException | GalimatiasParseException e) {
            logger.error("文件下载失败，url：{}", urlStr, e);
            response.setCode(1);
            response.setContent(null);
            if (e instanceof FileNotFoundException) {
                response.setMsg("文件不存在!!!");
            } else {
                response.setMsg(e.getMessage());
            }
            return response;
        }
    }