欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

nginx配置多域名 https 转发

程序员文章站 2022-06-11 11:56:41
...

场景:

1、基于https的请求,是不能够请求http的非安全内容,所以我们的请求也需要对应的http
2、假设现在 web服务跟后台服务部署正在同一台机器上

web应用域名 a.xxx.com
后台服务网关域名 b.xxx.com

nginx配置文件:


user  root;
worker_processes  4;

worker_cpu_affinity 0001 0010 0100 1000;

events {
    use epoll;
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;


    sendfile        on;

    keepalive_timeout  65;

    gzip  on;


    server {
        listen       80;
        server_name  a.xxx.com;
        location / {
            root dq-game-web ;
            try_files $uri $uri/ @rewrite;
        }

	#301重定向 让http请求转定向到https地址
        return      301 https://$server_name$request_uri;
#  location @rewrite {
#            rewrite ^.*$ /index.html last;
#        }


        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

   server {
        listen       443 ssl;
        server_name a.xxx.com;

        ssl_certificate      /usr/local/nginx/ssl/xxx.pem;
        ssl_certificate_key  /usr/local/nginx/ssl/xxx.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            add_header Access-Control-Allow-Methods *;
            add_header Access-Control-Allow-Origin $http_origin;

            root  xxx;
            try_files $uri $uri/ @rewrite;

        }

        location @rewrite {
            rewrite ^.*$ /index.html last;
        }

   }


   server {
        listen       443 ssl;
        server_name  b.xxxt.com;

        ssl_certificate      /usr/local/nginx/ssl/xxx.pem;
        ssl_certificate_key  /usr/local/nginx/ssl/xxx.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        
  location / {
            proxy_redirect off;
            proxy_set_header   Host    $host;
            proxy_set_header   X-Real-IP   $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            #转到到本地网关
            proxy_pass http://localhost:18889;
        }

   }
}

相关标签: nginx https http