Nginx或tomcat8配置https

前提申请免费域名https证书

一、nginx配置https并转发到tomcat

1、Nginx配置文件

server {
    listen       80;
    listen       443 ssl default_server;
    server_name  {域名};
    # root         /usr/share/nginx/html;

    # 解释：当此虚拟站点只允许https访问时，当用http访问时nginx会报出497错误码
    ssl on;
    error_page 497  https://$host$uri$args;
    
    ssl_certificate     /etc/nginx/cer/{域名}.crt;   #证书路径
    ssl_certificate_key /etc/nginx/cer/{域名}.key;   #私钥路径
    
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDH:AESGCM:HIGH:RSA+3DES:!RC4:!DH:!MD5:!aNULL:!eNULL;
    ssl_prefer_server_ciphers on;
    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
    client_max_body_size 50m;
    location / {
            proxy_redirect off;
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host      $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_redirect default ;
        
    }
    error_page 404 /404.html;
        location = /40x.html {
    }
    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

2、 nginx配置如上之后，tomcat需配置如下

二、tomcat配置https

欢迎扫码关注公众号，不定期更新一些干货