nginx 多端口转发 + SSL

1.代理多个项目至同一个端口,分发到不同域名

Server 1: springboot 端口配置(18080)

server:
  tomcat:
    uri-encoding: UTF-8
  port: 18080

Server 2: springboot 端口配置(28080)

server:
  tomcat:
    uri-encoding: UTF-8
  port: 28080

Nginx配置:


http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include      mime.types;
    default_type  application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include conf/*.conf;

    server {
        listen 80;
        server_name t1.test.com;
        index index.html index.htm index.php;

        location / {
            proxy_pass http://127.0.0.1:18080;
            proxy_set_header X_Real_IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
        }


        access_log  logs/pm1-nginx-access.log  main;
        error_log   logs/pm1-nginx-error.log error;
    }

    server {
        listen 80;
        server_name t2.test.com;
        index index.html index.htm index.php;
        
        location / {
            proxy_pass http://127.0.0.1:28080;
            proxy_set_header X_Real_IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
        }


        access_log  logs/pm2-nginx-access.log  main;
        error_log   logs/pm2-nginx-error.log error;
    }

}

htdocs配置:

127.0.0.1 t1.test.com
127.0.0.1 t2.test.com

启动、关闭命令:

#启动
start nginx
#关闭
nginx -s stop

SSL 配置:

修改nginx配置:(注意listen 443 ssl,这里添加SSL,以及下面SSL证书配置)

server {
        listen 443 ssl;
        server_name t1.test.com;
        index index.html index.htm index.php;

    ssl_certificate ssl/t1.0c4d.com_bundle.crt; #需要添加(这里是你的.pem文件地址)
    ssl_certificate_key ssl/t1.0c4d.com.key; #需要添加(这里是你的.key文件地址)
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    #表示使用的加密套件的类型。
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; #表示使用的TLS协议的类型。
    ssl_prefer_server_ciphers on;

        location / {
            proxy_pass https://127.0.0.1:18080;
            proxy_set_header X_Real_IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
        }


        access_log  logs/pm1-nginx-access.log  main;
        error_log   logs/pm1-nginx-error.log error;
    }

    server {
        listen 443 ssl;
        server_name t2.test.com;
        index index.html index.htm index.php;
        
    ssl_certificate ssl/t2.0c4d.com_bundle.crt; #需要添加(这里是你的.pem文件地址)
    ssl_certificate_key ssl/t2.0c4d.com.key; #需要添加(这里是你的.key文件地址)
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    #表示使用的加密套件的类型。
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; #表示使用的TLS协议的类型。
    ssl_prefer_server_ciphers on;

        location / {
            proxy_pass http://127.0.0.1:28080;
            proxy_set_header X_Real_IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
        }


        access_log  logs/pm2-nginx-access.log  main;
        error_log   logs/pm2-nginx-error.log error;
    }

}

ssl证书放到conf目录下

nginx 多端口转发 + SSL_第1张图片

 项目添加ssl证书配置:

debug: false
server:
  tomcat:
    uri-encoding: UTF-8
  port: 18080
  ssl:
    key-store: classpath:t1.0c4d.com.jks

 证书放至项目根目录:

nginx 多端口转发 + SSL_第2张图片

结果:https://t1.0c4d.com/ 跳转至项目1,https://t2.0c4d.com/ 跳转至项目2

2.代理不同项目到同一个端口,共用同一个项目

你可能感兴趣的:(Java,nginx,nginx,java,tomcat)