|
小程序中在nginx上配置ssl,记住思路。
worker_processes 1;
events {
worker_connections 1024;
}
http{
#思路是通过80端口跳转到443端口(https) 然后通过443端口转发到服务地址
server {
listen 80;
server_name xxx.com;
#不写这句也可以
#rewrite ^(.*)$ https://${server_name}$1 permanent;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 443 ssl;
ssl_certificate C:/Users/xxx/Desktop/nginx-1.18.0/SSL/Nginx/server.crt; # 刚生成的crt
ssl_certificate_key C:/Users/xxx/Desktop/nginx-1.18.0/SSL/Nginx/server.key; # 刚生成的key
server_name xxx.com; # 你的域名
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://127.0.0.1:8001; # 本地服务器地址及端口
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Forward-Proto https;
proxy_http_version 1.1;
# for websocket
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
}
|