Https requests revolutions achieved with nginx http request (rpm)

Transfer: https://www.cnblogs.com/magotzis/p/9456695.html

 

To the needs of the project will need to use some of nginx proxy https request to the http interface, so you want to take the test on the local environment, and now the process of recording it.

Generating a Certificate

1. openssl generate the key privkey.pem:

openssl genrsa -out privkey.pem 1024/2038

2. Use the key to generate a certificate server.pem:

openssl req -new -x509 -key privkey.pem -out server.pem -days 365

Certificate information can easily fill or empty, only the Common Name to be filled based on your domain name. As xxx.com, or two matches * .xxx.com domain.

Configuration ngnix

Due to my local Spring boot project is running on port 8080, so the configuration on ngnix I also did one 80-8080 port to convert.

Ngnix complete configuration is as follows.

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server { 
        listen       80;    
        server_name  a.com;
        location / {
            proxy_pass http://localhost:8080;
        }
    } 


    # The HTTPS Server 
    # 
    Server { 
        the listen SSL 443; 
        server_name A.com; 
    # certificate location 
        ssl_certificate /data/server.pem; # path to the certificate generation path 
        ssl_certificate_key /data/privkey.pem; # path to the certificate generation path 

    # Shared ssl_session_cache: the SSL: 1M; 
        ssl_session_timeout 5m; 
        # protocol configuration 
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;          
        ssl_ciphers to the RSA-ECDHE-the AES128-GCM-the SHA256:! HIGH: aNULL: the MD5: the RC4: of DHE;!!! 

        # forwarded to HTTP 
        LOCATION / { 
           proxy_pass http://a.com; 
        } 
    } 
    the include Servers / *; 
}
    

A.com which is what I do in the local hosts file on a local map (127.0.0.1 a.com)

Authentication Configuration

Whether restart ngnix verify successful configuration

sudo nginx -t && sudo nginx -s reload

Before the order is in line to see, but in practice the order does not take effect in my local. If the command does not take effect on the first nginx off and then restart.

nginx -s stop
nginx

Little pits

After configured during the same visit https requests always will be reported in the 404 odd (first, third ......), even number of times before they succeed. After investigation later found that the 80 has been arranged to convert 8080 Shihai made some configuration port 8080, as in FIG. After the configuration can be deleted.