创建新的配置文件 javalc.conf
server { listen 80; server_name www.javalc.com; rewrite ^(.*)$ https://$server_name$1 permanent; } server { listen 443 ssl; server_name www.javalc.com; ssl on; ssl_certificate /cert/6003766_www.javalc.com.pem; ssl_certificate_key /cert/6003766_www.javalc.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; client_max_body_size 100M; server_name_in_redirect off; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { root /home/nginx-host/web; index index.html index.htm; } }
配置文件二 api_javalc.conf
server { listen 80; server_name api.javalc.com; rewrite ^(.*)$ https://$server_name$1 permanent; } server { listen 443 ssl; server_name api.javalc.com; ssl on; ssl_certificate /cert/6003766_api.javalc.com.pem; ssl_certificate_key /cert/6003766_api.javalc.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; client_max_body_size 100M; server_name_in_redirect off; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { root /home/nginx-host/web; index index.html index.htm; } }
划重点:
重点一
rewrite ^(.*)$ https://$server_name$1 permanent;
重点二
server_name *.*.*; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
评论区