使用Nginx配置SSL以及部署前端项目

梦想不抛弃苦心追求的人,只要不停止追求,你们会沐浴在梦想的光辉之中。再美好的梦想与目标,再完美的计划和方案,如果不能尽快在行动中落实,最终只能是纸上谈兵,空想一番。只要瞄准了大方向,坚持不懈地做下去,才能够扫除挡在梦想前面的障碍,实现美好的人生蓝图。使用Nginx配置SSL以及部署前端项目,希望对大家有帮助,欢迎收藏,转发!站点地址:www.bmabk.com,来源:原文

简单记录一下使用Nginx配置SSL以及部署前端项目

1、配置SSL

openssl pkcs12 -in cert.pfx -nodes -out cert.pem
cd /home/senwill-back/first_project/
ls
sh app.sh status
cd /etc/nginx/
ls
openssl pkcs12 -in cert.pfx -nodes -out cert.pem
cd /usr/lib/ssl
ls
cp openssl.cnf openssl.old.cnf
cd /usr/local/openssl/ssl/
ls
cp openssl.cnf /usr/lib/ssl/
openssl pkcs12 -in cert.pfx -nodes -out cert.pem
cd /etc/nginx
pwd
ls
openssl pkcs12 -in cert.pfx -nodes -out cert.pem
pwd
ls
openssl pkcs12 -in cert.pfx -nodes -out cert.pem
openssl rsa -in cert.pem -out cert.key
cd /usr/sbin/
ls
./nginx -t
pwd
cd /etc/nginx/
openssl x509 -in cert.pem -out cert.crt
cd /usr/sbin
ls
./nginx -t
./nginx -s reload

2、配置文件(nginx.conf)


#user  nobody; //设置使用Nginx服务的系统用户
user  root;
worker_processes  1; //工作进程数
 
#error_log  logs/error.log; //全局错误日志定义类型
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
 
#pid        logs/nginx.pid; //Nginx服务启动时的pid
 
 
events { //事件模块
    worker_connections  1024; //每个进程允许最大连接数
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
 
    #access_log  logs/access.log  main;
 
    sendfile        on;
    #tcp_nopush     on;
 
    #keepalive_timeout  0;
    keepalive_timeout  65; //服务端超时时间
 
    #gzip  on;
 
    # 80端口的服务
    server {
        listen       80;
        server_name  localhost;
 
        #charset koi8-r;
 
        #access_log  logs/host.access.log  main;
 
        location / {
            root   html;
            index  index.html index.htm;
        }
 
        #error_page  404              /404.html;
 
        # redirect server error pages to the static page /50x.html
        # 
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
 
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
 
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
 
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
 
 
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
 
    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
 
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
 
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
 
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
    # 443端口的服务
    server {
        listen       443 ssl;
        server_name  example.com;
   
        ssl_certificate      cert.crt;
        ssl_certificate_key  cert.key;
   
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
   
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
 
        location ^~ /senwill/project_1/api {
            proxy_pass https://IP_1:Port_1;
            // 设置链接超时时间为3800秒
            proxy_read_timeout  3800s;
            proxy_connect_timeout 3800s;
            proxy_send_timeout 3800s;
            send_timeout 3800s;
        }
 
        location ^~ /senwill/project_1/ {
            root   html;
            index  index.html index.htm;
        }
 
        location ^~ /senwill/project_2/api {
            proxy_pass https://IP_2:Port_2;
            // 设置链接超时时间为3800秒
            proxy_read_timeout  3800s;
            proxy_connect_timeout 3800s;
            proxy_send_timeout 3800s;
            send_timeout 3800s;
        }
 
        location ^~ /senwill/project_2/ {
            root   html;
            index  index.html index.htm;
        }
    
        location ^~ /senwill/project_3/api {
            proxy_pass https://IP_3:Port_3;
            // 设置链接超时时间为3800秒
            proxy_read_timeout  3800s;
            proxy_connect_timeout 3800s;
            proxy_send_timeout 3800s;
            send_timeout 3800s;
        }
 
        location ^~ /senwill/project_3/ {
            root   html;
            index  index.html index.htm;
        }
    
        location ^~ /senwill/project_4/api {
            proxy_pass https://IP_4:Port_4;
            // 设置链接超时时间为3800秒
            proxy_read_timeout  3800s;
            proxy_connect_timeout 3800s;
            proxy_send_timeout 3800s;
            send_timeout 3800s;
        }
 
        location ^~ /senwill/project_4/ {
            root   html;
            index  index.html index.htm;
        }
    }
}

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。

文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/151159.html

(0)
飞熊的头像飞熊bm

相关推荐

发表回复

登录后才能评论
极客之音——专业性很强的中文编程技术网站,欢迎收藏到浏览器,订阅我们!