nginx配置https
准备证书: 确保您已经拥有域名的 SSL 证书文件(一般包含
.crt
和.key
文件)。上传证书: 将证书文件上传到服务器的某个目录(例如
/etc/nginx/ssl/
),并确保 Nginx 对这些文件有读取权限。修改 Nginx 配置文件: 打开 Nginx 配置文件(通常在
/etc/nginx/nginx.conf
或/etc/nginx/sites-available/yourdomain.conf
),并在相应的虚拟主机配置中添加以下内容
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /etc/nginx/ssl/yourdomain.crt;
ssl_certificate_key /etc/nginx/ssl/yourdomain.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://localhost:8090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 重定向 HTTP 到 HTTPS
server {
listen 80;
server_name yourdomain.com;
return 301 https://$server_name$request_uri;
}