首页 百科文章正文

并配置htntu安装

江苏天煌照明集团有限公司 - 智慧路灯-智能路灯-江苏天煌照明集团有限公司_路灯厂家2024-12-27百科574 浏览

一、需求

介绍: 我们在部署应用时,希望用到 Nginx ,并配置上 https 。我在网上看了很多文章,感觉都不是很系统。因此写下此文,以备日后使用。

二、安装 Nginx

  1. 获取安装包
    1. wget http://nginx.org/download/nginx-1.17.10.tar.gz
  2. 解压
    1. tar -zxvf nginx-1.17.10.tar.gz
  3. 配置 with-http_ssl_moudle。很关键
    1. ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module

    不过直接直接会报错

    1. ./configure: error: invalid option "--with-http_ssl_moudle"

    需要安装依赖包

    1. apt-get install gcc
    2. apt-get install libpcre3 libpcre3-dev
    3. apt-get install zlib1g zlib1g-dev
    4. # Ubuntu14.04的仓库中没有发现openssl-dev,由下面openssl和libssl-dev替代
    5. #apt-get install openssl openssl-dev
    6. sudo apt-get install openssl
    7. sudo apt-get install libssl-dev
    8. sudo apt-get install libpcre3 libpcre3-dev

    然后再运行上面的那一句

  4. 安装
    1. make
    2. make install

三、配置 https

  1. 将 https 的证书存放在 /usr/local/nginx/conf 目录下,我是新建了一个文件夹 cert
    20200518001354418-1
  2. 编辑配置文件 /usr/local/nginx/conf/nginx.conf 如下:
    1. server {
    2. listen 80;
    3. server_name 你的域名;
    4. return 301 https://你的域名$request_uri;
    6. #charset koi8-r;
    8. #access_log logs/host.access.log main;
    10. location / {
    11. proxy_pass http://127.0.0.1:8080;
    12. proxy_set_header Host $host;
    13. proxy_set_header X-Real-IP $remote_addr;
    14. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    15. proxy_set_header X-Forwarded-Proto $scheme;
    16. proxy_set_header X-Forwarded-Port $server_port;
    18. }
    19. }
    20. server {
    21. listen 443 ssl;
    22. server_name 你的域名;
    24. ssl_certificate cert/你的证书crt;
    25. ssl_certificate_key cert/你的证书key;
    27. #ssl_session_cache shared:(解析问题,去除改括号)SSL:1m;
    28. #ssl_session_timeout 5m;
    30. #ssl_ciphers HIGH:!aNULL:!MD5;
    31. ssl_session_timeout 24h;
    32. ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:(解析问题,去除改括号)ECDHE:(解析问题,去除改括号)ECDH:(解析问题,去除改括号)AES:(解析问题,去除改括号)HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    33. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    34. ssl_prefer_server_ciphers on;
    36. location / {
    37. proxy_pass http://127.0.0.1:8080;
    38. proxy_set_header Host $host;
    39. proxy_set_header X-Real-IP $remote_addr;
    40. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    41. proxy_set_header X-Forwarded-Proto $scheme;
    42. proxy_set_header X-Forwarded-Port $server_port;
    43. }
    45. location /pic {
    46. proxy_pass http://127.0.0.1:8081;
    47. proxy_set_header Host $host;
    48. proxy_set_header X-Real-IP $remote_addr;
    49. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    50. proxy_set_header X-Forwarded-Proto $scheme;
    51. proxy_set_header X-Forwarded-Port $server_port;
    52. }
    53. }

四、SpringBoot 配置使用

  1. 配置如下:
    1. server:
    2. port: 8080
    3. tomcat:
    4. remote-ip-header: x-forwarded-for
    5. protocol-header: x-forwarded-proto
    6. port-header: X-Forwarded-Port
    7. use-forward-headers: true
上一篇:做水煮虾,用冷水还是开水?原来一直做错,难怪虾又老又柴腥味重
下一篇:国外 Linux VPS 去程回程线路路由查询教程

相关推荐