📗
Notes
  • Introduction
  • Files
  • Android
    • Http
      • Http基础
      • Okhttp理解
    • Jetpack
      • Notes
  • Java ways
    • 101
      • Basis
        • Index
        • Front
          • Angular
            • Angular start 01
            • Angular start 02
          • Typescript
            • Index
            • Ts 01
        • Java
          • Concurrency
          • Frameworks
            • Jdbc与连接池
            • Rxjava基础
            • Spring框架基础
          • Sugar&skill
        • Tool
          • Docker
            • Docker basis
            • Kubernetes play
          • Git
            • Git basic
          • Vim
            • Vim advance
      • Cs
        • Imp
          • Lru
          • Index
    • Snippets
      • Jpa和spring系列注解表
      • Java与oracle数据库各种操作
      • Maven初始化template
      • Nginx配置
      • Nginx反代后配置自动ssl续签
      • 终端033颜色
    • Ways
      • Java ways 01
      • Interview
        • Question
        • Requirements
      • Leetcode101
        • Acwing
          • Index
          • 背包问题
        • Explores
        • Solutions
          • Algorithms
            • Index
          • Concurrency
            • Index
          • Shell
            • Index
          • Sql
            • Index
  • Leecode
    • 牛客
      • 剑指offer
  • Play
    • Youtube离线下载
  • Python basic notes
    • Python days
Powered by GitBook
On this page

Was this helpful?

  1. Java ways
  2. Snippets

Nginx反代后配置自动ssl续签

PreviousNginx配置Next终端033颜色

Last updated 4 years ago

Was this helpful?

   Author: Gentleman.Hu
   Create Time: 2020-11-13 13:56:23
   Modified by: Gentleman.Hu
   Modified time: 2020-11-13 13:59:37
   Email: justfeelingme@gmail.com
   Home: https://crushing.xyz
   Description:

Nginx配置反代后,如何自动续签ssl

  • 反代

  RewriteEngine On
  RewriteCond %{HTTP:Upgrade} =websocket [NC]
  RewriteRule /(.*)           ws://localhost:8080/$1 [P,L]
  RewriteCond %{HTTP:Upgrade} !=websocket [NC]
  RewriteRule /(.*)           http://localhost:8080/$1 [P,L]

  ProxyRequests off
  ProxyPass        / http://localhost:8080/ nocanon
  ProxyPassReverse / http://localhost:8080/
  • 自动续签

server {
  listen  443 ssl;
  listen       [::]:443 ssl;
  ssl_certificate       /data/example.com.pem;
  ssl_certificate_key   /data/example.com.pem;
  ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers           HIGH:!aNULL:!MD5;
  server_name           example.com;
  client_max_body_size    1000m;
  location ^~ /.well-known/acme-challenge/ {
        default_type "text/plain";
        allow all;
        root /var/www/example.com/;
   }

  location / { 
        proxy_redirect off;
        proxy_pass http://xxxxxxx:8000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;


        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

  }
  • 负载均衡

引用
https://blog.csdn.net/specter11235/article/details/79922149?depth_1-