why why 2022-08-06 18:32:11 阅读数:1,005
Nginx A reverse proxy makes it easy to implement server network configuration,本文记录使用 Nginx The container does a reverse proxy https 服务的方法.
Let me introduce my current experimental environment,Comrades with similar needs and environments can refer to my operating procedures
/share/ssldocker run --name=nginx -p 9443:443 -d --restart=always -v /share/ssl:/ssl nginx我是直接在 nginx The certificate created in the container,It is also possible to generate imports into the container on the server
A self-signed certificate will prompt you that the certificate is not approved when you log in to the websiteCA信任,It needs to be manually added to the list of locally trusted certificates It needs to be generated for easier accessCA证书 In fact I didn't manage to generate it myself,最终使用的SSL证书是在Baidu Smart Cloud Application的
/ssl 文件夹中:/ssl# ls
ca.csr ca.key ca_public.crt ca_public.srl server.crt server.csr server_private.key server_public.pem/etc/nginx/conf.d 文件夹中创建配置文件 test.confserver {
listen 443 ssl;
listen [::]:443 ssl;
# server_name localhost;
ssl_certificate /ssl/key1/server.crt;
ssl_certificate_key /ssl/key1/server.key;
location / {
proxy_set_header X-FORWARDED-FOR $remote_addr;
proxy_set_header X-FORWARDED-PROTO $scheme;
proxy_set_header Host $http_host;
proxy_pass http://192.168.xxx.xxx:xxxx;
}
}
service nginx reloadnginxIf there is an error, it will prompt after the command is entered
SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too smallcopyright:author[why why],Please bring the original link to reprint, thank you. https://en.javamana.com/2022/218/202208061814417997.html