最后一步取消所有√再点完成 证书生成: 使用openssl生成密钥privkey.pem: openssl genrsa -out privkey.pem 1024 使用密钥生成证书server.pem: openssl req -new -x509 -key privkey.pem -out server.pem -days 365 Common Name (e.g. server FQDN or YOUR name) []: 设置成本地hosts配置的域名 2.nginx安装 http://nginx.org/download/nginx-1.14.0.zip 配置nginx.conf
http {
include mime.types;
default_type application/octet-stream;
server {
listen 80;
server_name it.accumulation.com;
location / {
proxy_pass http://localhost:8088;
}
}
server {
listen 443 ssl;
# 域名,实际情况下时,将这个改成域名 https://xx.cn
server_name it.accumulation.com;
ssl on;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
# 证书位置
ssl_certificate D:\sslkey\server.pem;#配我们生成的 nginx-1.14.0/https/xx.cn/server.pem;
ssl_certificate_key D:\sslkey\privkey.pem;#配我们生成的 nginx-1.14.0/https/xx.cn/privkey.pem;
location / {
proxy_pass http://it.accumulation.com;#这里的xx.cn 是我们需要转发的 ,配合 修改hosts文件 : 127.0.0.1 xx.cn
}
}
include servers/*;
}