- 安裝nginx
yum -y install nginx
- 去雲服務廠商購買一個域名,阿里雲、華為雲等都可以,獲取ssl證書
這一步 自己去做
- 下載ssl證書結業並上傳到服務器
修改ssl證書位置
mv 證書文件夾名稱 /usr/share/nginx/ssl - 配置nginx.conf
cd /etc/nginx
先備份一份初始配置文件,防止出錯或以后重置
cp nginx.conf nginx-backup.conf配置
vim nginx.conf
第一步:把原來的server全部打上注解
第二步:添加兩個server,配置上我們的信息
# PC端https配置 server{ # 監聽443端口 listen 443 ssl; server_name soldier.xin; ssl_certificate /usr/share/nginx/ssl/4275472_soldier.xin.pem; ssl_certificate_key /usr/share/nginx/ssl/4275472_soldier.xin.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; location / { root /usr/share/nginx/html; index index.html index.htm; } location /api { rewrite ^.+api/?(.*)$ /$1 break; include uwsgi_params; # 實際后台服務器地址,此地址就是http的,可以實現https轉發http(因為前端后台部署在同一台服務器) proxy_pass http://localhost:8082; proxy_set_header Cookie $http_cookie; proxy_set_header Host $host:$server_port; proxy_set_header Remote_Addr $remote_addr; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 1000m; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server{ # 監聽80端口:將80端口的請求轉到443 listen 80; server_name wdy.springbless.xin; rewrite ^/(.*)$ https://soldier.xin:443/$1 permanent; }
- 啟動、重啟nginx
# 啟動 systemctl start nginx # 重啟 systemctl restart nginx # 停止 systemctl stop nginx # 開機默認啟動 systemctl enable nginx - 檢驗是否配置成功
