Centos6.x / Centos7.x are available, tomcat has been launched at this time, two projects for the 8080,8082 ports
yum install openssl nginx -y
# Generate an RSA private key
openssl genrsa -des3 -out server.key 2048
# Des3 is an algorithm
# 2048 digits / strength
# Server.key key file name
# -Out: the path and file name generation
openssl req -new -key server.key -out server.csr
# -Key: Specifies the private key ca
# -Out: server.csr generate a certificate file
# Asking to fill in the following information:
Country Name (2 letter code) []:CN // 国家
State or Province Name (full name) []:BJ // 省份
Locality Name (eg, city) []: BJ // city
Organization Name (eg, company) []: bj // Organization
Organizational Unit Name (eg, section) []: bj // institutional sector
Common Name (eg, fully qualified host name) []:XXXX.com // 域名
Email Address []: [email protected] // E-mail address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: // certificate password, no password Enter
# Generates two files server.key server.csr
# Generated CA certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
# X509: specified format
# -In: Specifies the request file
# -Signkey: Self-signed
# Generate a file for the server.crt
cp server.key server.csr server.crt /etc/nginx
vim /etc/nginx/conf.d/default.conf
upstream xxxx_upstream {
server 127.0.0.1:8082;
}
upstream yyyy_upstream {
server 127.0.0.1:8080;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name your domain name;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
location /xxxx {
proxy_set_header Host $http_host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://xxxx_upstream/xxxx;
}
location /yyyy {
proxy_set_header Host $http_host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://yyyy_upstream/yyyy;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server{
listen 443;
server_name your domain name;
ssl on;
root /usr/share/nginx/html;
ssl_certificate server.crt;
ssl_certificate_key server.key;
location /xxxx {
proxy_set_header Host $http_host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://xxxx_upstream/xxxx;
}
location /yyyy {
proxy_set_header Host $http_host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://yyyy_upstream/yyyy;
}
}
Note: The above configuration file xxxx, yyyy replace their own path corresponding to copy and paste the desired format align itself when
nginx -t
nginx -s reload
# You can use the domain name visit https +
# Pro-test no pit!