测试环境的域名,之前只支持http。开发同学不知啥时候改了数据库配置,导致所有跳转到到了https了。所以得加上https访问。
配置文件之前是这样的:
1 server { 2 listen 80; 3 server_name web-sit.*******.com; 4 root /usr/share/nginx/*****-manage; 5 # Load configuration files for the default server block. 6 include /etc/nginx/default.d/*.conf; 7 location ~ \.(css|js)$ { 8 add_header Cache-Control public; 9 } 10 11 location / { 12 try_files $uri $uri/ /index.html; 13 } 14 #location /*****/infoManagement { 15 location /***** { 16 #try_files $uri $uri/ /index.html; 17 #proxy_pass http://10.202.70.152:8880; 18 proxy_pass http://10.206.230.213:8880; 19 proxy_set_header Host $host; 20 proxy_set_header X-Real-IP $remote_addr; 21 proxy_set_header REMOTE-HOST $remote_addr; 22 proxy_set_header X-Forwarded-For $remote_addr; 23 proxy_set_header X-Forwarded-Proto $scheme; 24 } 25 error_page 404 /404.html; 26 location = /40x.html { 27 } 28 29 error_page 500 502 503 504 /50x.html; 30 location = /50x.html { 31 } 32 }
查了些文档,表示要将443加上,得有证书。
于是从腾讯云生成了一个免费的ssl证书,下载后传到服务器。再配置到ng的配置文件里。
配置文件只需要修改监听端口,再加上证书路径;以及在443这段的后面再加上原来的80端口,将80的访问重定向到443的访问就好了。
1 server { 2 listen 443 ssl; 3 ssl on; 4 server_name web-sit.****.com; 5 ssl_certificate /home/appdeploy/nginx-pem/web-sit.****.com.pem; #证书路径 6 ssl_certificate_key /home/appdeploy/nginx-pem/web-sit.****.com.key; #证书路径
7 root /usr/share/nginx/ibu-****-manage;
8 # Load configuration files for the default server block. 9 include /etc/nginx/default.d/*.conf; 10 location ~ \.(css|js)$ { 11 add_header Cache-Control public; 12 } 13 14 location / { 15 try_files $uri $uri/ /index.html; 16 } 17 #location /sf-express/infoManagement { 18 location /sf-express { 19 #try_files $uri $uri/ /index.html; 20 #proxy_pass http://10.202.70.152:8880; 21 proxy_pass http://10.206.230.213:8880; 22 proxy_set_header Host $host; 23 proxy_set_header X-Real-IP $remote_addr; 24 proxy_set_header REMOTE-HOST $remote_addr; 25 proxy_set_header X-Forwarded-For $remote_addr; 26 proxy_set_header X-Forwarded-Proto $scheme; 27 } 28 error_page 404 /404.html; 29 location = /40x.html { 30 } 31 32 error_page 500 502 503 504 /50x.html; 33 location = /50x.html { 34 } 35 } 36 37 server { 38 listen 80; 39 server_name web-sit.****.com;
40 41 include /etc/nginx/default.d/*.conf; 42 rewrite ^(.*)$ https://$host$1 permanent; 43 44 45 }
最后,重启ng。