zoukankan      html  css  js  c++  java
  • 使用Docker安装的nginx配置HTTPS证书

    创建容器 ,启动docker后台运行

    docker run -p 80:80 --name five-nginx -p 443:443 -v /data/nginx/cert:/etc/nginx/cert -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/log:/var/log/nginx -d nginx
    

    配置nginx文件

    /data/nginx/conf/nginx.conf
    
    user  nginx;
    worker_processes  1;
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    
    events {
        worker_connections  1024;
    }
    
    
    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        sendfile        on;
        #tcp_nopush     on;
    
        keepalive_timeout  65;
    
        #gzip  on;
    
        include /etc/nginx/conf.d/*.conf;
      
        server {
      		listen 80;
      		server_name www;
      		return 301 https://$host$request_uri;
      	}
      	server {
      		listen 443;
      		server_name www.;
      		 
      		ssl on;
      		index index.html;
      		ssl_certificate   /etc/nginx/cert/1637167_www..pem;
      		ssl_certificate_key  /etc/nginx/cert/1637167_www..key;
      		ssl_session_timeout 5m;
      		ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
      		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      		ssl_prefer_server_ciphers on;
      	 
      		location / {
      			proxy_set_header X-Forwarded-Host $host;
      			proxy_set_header X-Forwarded-Proto $scheme;
      			proxy_set_header X-Real-IP $remote_addr;
      			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      			proxy_set_header Host $http_host;
      			proxy_redirect off;
      			expires off;
      			sendfile off;
      			proxy_pass http://www..work;
      		}
      		
      #		location /xsp/ {		#路由访问路径server1到集群1
      #           proxy_set_header X-Forwarded-Host $host;
      #			proxy_set_header X-Forwarded-Proto $scheme;
      #			proxy_set_header X-Real-IP $remote_addr;
      #			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      #			proxy_set_header Host $http_host;
      #			proxy_redirect off;
      #			expires off;
      #			sendfile off;
      #			proxy_pass http://upstream_xsp;
      #        }
      	  }
    
        upstream www.ylbx.work{
           server 127.0.0.1:8080;
        }
    }
    

    把cert阿里云中下载的crt,key放入指定的目录cert中。

    /data/nginx/cert/
    

    在这里插入图片描述

  • 相关阅读:
    bzoj 4012: [HNOI2015]开店
    POJ 1054 The Troublesome Frog
    POJ 3171 Cleaning Shifts
    POJ 3411 Paid Roads
    POJ 3045 Cow Acrobats
    POJ 1742 Coins
    POJ 3181 Dollar Dayz
    POJ 3040 Allowance
    POJ 3666 Making the Grade
    洛谷 P3657 [USACO17FEB]Why Did the Cow Cross the Road II P
  • 原文地址:https://www.cnblogs.com/hzcya1995/p/13300594.html
Copyright © 2011-2022 走看看