server {
listen 80;
#listen [::]:4000 default_server;
server_name www.xxx.com xxx.com;
#root /usr/share/nginx/html;
#root /home/kkfor/koa-blog/admin/dist;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
#rewrite ^(.*) https://$host$1 permanent;
ssl on;
ssl_certificate 1_xxx.com_bundle.crt;
ssl_certificate_key 2_xxx.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照>这个套件配置
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
#proxy_redirect off;
#proxy_http_version 1.1;
#proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection $connection_upgrade;
try_files $uri $uri/ /index.html last;
index index.html;
}
1
secretman 2018-05-12 00:00:39 +08:00 via iPhone
80 ???
|
2
Junghh 2018-05-12 00:00:47 +08:00
没 listen 443 腾讯云 SSL 证书?
可以看看我以前的示例 https://junghh.oss-cn-shanghai.aliyuncs.com/miji/conf%E7%A4%BA%E4%BE%8B.txt 或我自己记录的 HTTPS 步骤 https://onepi.cc/web1/ |
3
letitbesqzr 2018-05-12 00:07:55 +08:00
报错呢,错误信息 错误截图呢,啥都没,谁知道你报的啥错啊。监听 80 也是可以的 https://xxx.com:80 这样访问。
|
4
hacklele 2018-05-12 01:57:29 +08:00
|
5
hacklele 2018-05-12 01:57:45 +08:00
<a href="https://imgchr.com/i/CBnj41"><img src="https://s1.ax1x.com/2018/05/12/CBnj41.png" alt="CBnj41.png" border="0" /></a>
|
6
Keyblade 2018-05-12 02:10:17 +08:00
|
8
yantianqi OP listen 443 后 https 成功
开启这个后 rewrite ^(.*) https://$host$1 permanent; 网页提示多次重定向,打不开。 |
10
henryshen233 2018-05-12 08:39:02 +08:00 via iPhone
Listen [Port] ssl;
比如 Listen 8080 ssl; |
11
580a388da131 2018-05-12 08:40:18 +08:00
@yantianqi 这个规则得先判断是不是 http。你这 80、443 合在一起写的情况不判断会无限循环重定向。
|
12
BFDZ 2018-05-12 09:03:25 +08:00 via Android
配置文件里写两个 server,第一个 server 只监听 443,第二 server 只监听 80,做 301 调整到 https
|
13
Hardrain 2018-05-12 09:31:46 +08:00
listen 80 和 listen 443 ssl ( http2)要放在两个不同的 server{}里
你这样子即便已经通过 https(443)访问,nginx 还是会发重定向,而且是重定向到当前访问的 url 浏览器当然会报重定向循环 |
14
Stlin 2018-05-12 10:29:46 +08:00
https 你用 80 端口?
|
15
caola 2018-05-12 14:10:38 +08:00
@yantianqi 你可以参考这样的配置 https://www.v2ex.com/t/286552#r_3285670
|