2017-07-10发表2023-02-15更新Linux2 分钟读完 (大约230个字)0次访问nginx部署https反向代理tomcat上次部署https时没有记录,这次专门记录一下 首先申请证书……略 nginx配置: 123456789101112131415161718192021222324252627282930313233343536server { listen 80; # 监听443端口 listen 443 ssl; #这里是填你的域名 server_name stonewuu.com www.stonewuu.com; #charset koi8-r; #这里为证书路径以及证书的配置 ssl_certificate /etc/letsencrypt/live/stonewuu.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/stonewuu.com/privkey.pem; ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5"; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; #301重定向,将所有http请求重定向为https if ($scheme = http) { return 301 https://$host$request_uri; } #这里为lets encrypt证书需要的验证文件 location ^~ /.well-known/acme-challenge/ { default_type "text/plain"; root /opt/tomcat-8.5.9/blog_data; } #这里防止用户访问到lets encrypt验证文件的目录 location = /.well-known/acme-challenge/ { return 404; } # 反向代理,指向tomcat的地址 location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://localhost:8080; }}nginx部署https反向代理tomcathttps://www.stonewu.com/post/deploy-https-nginx-tomcat.html作者StoneWu发布于2017-07-10更新于2023-02-15许可协议#LinuxNginxTomcat