Transfer: https://www.cnblogs.com/magotzis/p/9456695.html
To the needs of the project will need to use some of nginx proxy https request to the http interface, so you want to take the test on the local environment, and now the process of recording it.
Generating a Certificate
1. openssl generate the key privkey.pem:
openssl genrsa -out privkey.pem 1024/2038
2. Use the key to generate a certificate server.pem:
openssl req -new -x509 -key privkey.pem -out server.pem -days 365
Certificate information can easily fill or empty, only the Common Name to be filled based on your domain name. As xxx.com, or two matches * .xxx.com domain.
Configuration ngnix
Due to my local Spring boot project is running on port 8080, so the configuration on ngnix I also did one 80-8080 port to convert.
Ngnix complete configuration is as follows.
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name a.com; location / { proxy_pass http://localhost:8080; } } # The HTTPS Server # Server { the listen SSL 443; server_name A.com; # certificate location ssl_certificate /data/server.pem; # path to the certificate generation path ssl_certificate_key /data/privkey.pem; # path to the certificate generation path # Shared ssl_session_cache: the SSL: 1M; ssl_session_timeout 5m; # protocol configuration ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers to the RSA-ECDHE-the AES128-GCM-the SHA256:! HIGH: aNULL: the MD5: the RC4: of DHE;!!! # forwarded to HTTP LOCATION / { proxy_pass http://a.com; } } the include Servers / *; }
A.com which is what I do in the local hosts file on a local map (127.0.0.1 a.com)
Authentication Configuration
Whether restart ngnix verify successful configuration
sudo nginx -t && sudo nginx -s reload
Before the order is in line to see, but in practice the order does not take effect in my local. If the command does not take effect on the first nginx off and then restart.
nginx -s stop nginx
Little pits
After configured during the same visit https requests always will be reported in the 404 odd (first, third ......), even number of times before they succeed. After investigation later found that the 80 has been arranged to convert 8080 Shihai made some configuration port 8080, as in FIG. After the configuration can be deleted.