Nginx配置http转https以及https访问http静态
2019-03-18 本文已影响0人
jumper996
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.xxx.com;
root /usr/share/nginx/html;
ssl_certificate xxx.crt;#配置证书位置
ssl_certificate_key xxxx.key;#配置秘钥位置
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
add_header Content-Security-Policy upgrade-insecure-requests;
proxy_pass http://www.xxx.com:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name www.xxxx.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
#其实应该配置到这里就可以了,将80端口的访问转发到443端口
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
add_header Content-Security-Policy upgrade-insecure-requests;
proxy_pass http://www.xxx.com:8080;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
}
}