Nginx 和 node https配置
2018-03-08 11:52
92 查看
Nginx 和 node https配置
1.生成证书
自制CA私钥openssl genrsa -des3 -out ca.key 4096
自制CA证书
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
自制Server私钥,生成免密码版本
openssl genrsa -des3 -out server.key 4096 openssl rsa -in server.key -out server.nosecret.key
制作csr文件
openssl req -new -key server.key -out server.csr
用CA证书私钥对csr签名(CA不能用X509,这点需要注意)生成Server证书
openssl ca -days 3650 -in server.csr -cert ca.crt -keyfile ca.key -out server.crt
2.创建node服务端
安装node环境,新建demo文件夹。打开终端输入命令:npm init
npm install express
新建serve.js编写以下代码:
var app = require('express')(); var fs = require('fs'); var http = require('http'); var https = require('https'); var privateKey = fs.readFileSync('private.pem', 'utf8'); var certificate = fs.readFileSync('file.crt', 'utf8'); var credentials = {key: privateKey, cert: certificate}; var httpServer = http.createServer(app); var httpsServer = https.createServer(credentials, app); var PORT = 18080; var SSLPORT = 18081; httpServer.listen(PORT, function() { console.log('HTTP Server is running on: http://localhost:%s', PORT); }); httpsServer.listen(SSLPORT, function() { console.log('HTTPS Server is running on: https://localhost:%s', SSLPORT); }); // Welcome app.get('/', function(req, res) { if(req.protocol === 'https') {
终端运行开启服务:
node serve.js
3.添加ngnix服务
安装nginx,修改Nginx.cfg文件。server { listen 443; server_name localhost; ssl on; ssl_certificate ssl/server.crt; ssl_certificate_key ssl/server.nosecret.key; location /t { echo "Hello World"; } }
4.配置服务转发
配置转发实现http和https共同访问server { listen 80; server_name www.example.com; rewrite ^(.*)$ https://$host$1 permanent; } server { listen 443 ssl; server_name www.example.com; ssl on; ssl_certificate /home/admin/https/file.crt; ssl_certificate_key /home/admin/https/private.pem; location / { proxy_pass http://localhost:18080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } location /public { root /phpstudy/wishpeng; } }
相关文章推荐
- Nginx的编译安装以及简单配置
- windows下安装以及配置nginx
- CentOS 下用的是lnmp 的包配置Nginx 下的CI伪静态(搞爽了)
- Nginx 配置反向代理使用 Google fonts 字体并开启 HTTP2/SSL 支持
- Nginx配置详解
- Nginx+Tomcat 配置负载均衡
- Nginx高级配置之反向代理
- StartCom 申请 SSL 证书及 Nginx HTTPS 支持配置全攻略
- Nginx负载均衡配置
- nginx的安装和配置,域名跳转和负载均衡
- 【Nginx】如何使用http配置
- 架构师日记——Nginx的HTTP模块配置
- nginx配置ssl注意事项
- Nginx配置虚拟主机实例
- nginx 配置从零开始
- nginx 配置中文详解
- Nginx安装及配置文件nginx.conf详解
- nginx配置location
- CentOS 6.5 配置yum安装Nginx
- nginx配置详解二