以前曾經(jīng)實(shí)現(xiàn)過使用nginx實(shí)現(xiàn)https訪問以及二級(jí)域名跳轉(zhuǎn)����,然后很久沒用過�����,現(xiàn)在再走一遍以前的路卻走不通����。
服務(wù)器端口占用已經(jīng)顯示nginx在監(jiān)聽443端口����,但是沒辦法訪問�����,SSL證書也沒有到期�����,不知道問題出在哪兒��,希望各位指點(diǎn)一下����。
以下是nginx的配置代碼
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name *.abc.com;
if ($http_host ~* "^(.*?)\.abc\.com$") {
set $domain $1;
}
location / {
if ($domain ~* "main") {
proxy_pass http://abc.com:3001;
}
if ($domain ~* "chat") {
proxy_pass http://abc.com:3002;
}
if ($domain ~* "parking") {
proxy_pass http://abc.com:3003;
}
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /usr/local/nginx/html/;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name abc.com;
server_name_in_redirect off;
ssl_certificate cert/****.pem;
ssl_certificate_key cert/****.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /usr/local/nginx/html/;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name parking.abc.com;
server_name_in_redirect off;
#可以設(shè)置獨(dú)立的ssl認(rèn)證
ssl_certificate cert/****.pem;
ssl_certificate_key cert/****.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://abc.com:3001;
}
}
}
