极客观点
项目管理
HarmonyOS
以前曾经实现过使用nginx实现https访问以及二级域名跳转,然后很久没用过,现在再走一遍以前的路却走不通。
服务器端口占用已经显示nginx在监听443端口,但是没办法访问,SSL证书也没有到期,不知道问题出在哪儿,希望各位指点一下。
以下是nginx的配置代码
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name *.abc.com;
if ($http_host ~* "^(.*?)\.abc\.com$") {
set $domain $1;
}
location / {
if ($domain ~* "main") {
proxy_pass http://abc.com:3001;
}
if ($domain ~* "chat") {
proxy_pass http://abc.com:3002;
}
if ($domain ~* "parking") {
proxy_pass http://abc.com:3003;
}
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /usr/local/nginx/html/;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name abc.com;
server_name_in_redirect off;
ssl_certificate cert/****.pem;
ssl_certificate_key cert/****.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /usr/local/nginx/html/;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name parking.abc.com;
server_name_in_redirect off;
#可以设置独立的ssl认证
ssl_certificate cert/****.pem;
ssl_certificate_key cert/****.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://abc.com:3001;
}
}
}
感觉第二条server规则会把第三条吃掉吧?
建议只留基础的,把其它的先去掉,然后一点点加。