最近,由于项目要实现登录和注册页面使用https方式访问,其他页面用http方式访问,环境就是tomcat+nginx,于是了解关于nginx的相关配置,
1.配置tomcat增加支持SSL;
2.配置nginx反向代理(但存在问题)],主要问题是怎么实现https和http之间切换及切换时使Session共享。
Tomcat配置:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
SSLEnabled="true" maxThreads="150"
scheme="https" secure="true" disableUploadTimeout="true"
enableLookups="false" acceptCount="100" clientAuth="false"
SSLCertificateFile="../conf/server.cer"
SSLCertificateKeyFile="../conf/server.key"
SSLCertificateChainFile="../conf/intermediate1.cer"
SSLVerifyClient="none" sslProtocol="TLS" />
nginx配置:
server {
listen 80;
server_name localhost:8080;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root yddweb;
#index index.html index.htm;
proxy_pass http://localhost:8080;
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Via "nginx";
}
# HTTPS server
#
server {
listen 443;
server_name localhost:8443;
ssl on;
ssl_certificate server.cer;
ssl_certificate_key server.key;
ssl_session_timeout 5m;
#ssl_protocols SSLv2 SSLv3 TLSv1;
#ssl_ciphers HIGH:!aNULL:!MD5;
#ssl_prefer_server_ciphers on;
location / {
root yddweb;
#index index.html index.htm;
proxy_pass https://localhost:8443;
proxy_set_header Host $host:443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Via "nginx";
}
}
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。