nginx配置https如下
nginx 后面应用是对应的tomcat应用
server {
listen 80;
server_name xxxx.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl;
server_name xxxx.com;
ssl_certificate /app/nginx/1_xxxx.com_bundle.crt;
ssl_certificate_key /app/nginx/2_xxxx.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /wxqyhweb {
index index.html index.jsp;
proxy_pass http://10.1.0.3:8080/wxqyhweb;
server_name_in_redirect off;
## proxy_redirect default ;
proxy_redirect http:// https://;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 888m;
client_body_buffer_size 128k;
proxy_connect_timeout 100;
proxy_send_timeout 100;
proxy_read_timeout 100;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
nginx -t 测试配置文件没有问题的就可以启动了
问题是:
把proxy_redirect default ;改成 proxy_redirect http:// https://;
这个配置是解决重定向后https变成了http 的问题。
400 Bad Request: The plain HTTP request was sent to HTTPS port
在重新测试一下就可以了