Question

我有一个使用Let's Encrypt证书的网站。没有指定端口时，它可以正常工作。但是，我将4300端口用于SAP XSEngine，当我打开https://host.com:4300时，它不使用证书。

我想使其在网站上使用相同的证书，无论它是否带有端口。

我已经看过这些网站，但无法对其进行管理：

当前代码

upstream host01 { 
    server 1.1.1.1:8100; 
}

upstream host02 { 
    server 2.2.2.2:40000; 
}

upstream host03 { 
    server 3.3.3.3:8443; 
}

upstream host04 {
    server 2.2.2.2:40000;
}

upstream host05 {
    server 4.4.4.4:50000;
}

upstream host06 {
    server 5.5.5.5:4300;
}

server {
    listen       443 ssl;
    server_name host.com;

    include snippets/host-ssl.conf;

        ssl_session_timeout   10m;
        ssl_session_cache shared:WEB:10m;
        ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;
        ssl_prefer_server_ciphers  on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;


    #B1i
    location ~* ^(/B1iXcellerator) {

        client_max_body_size 30m;

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_set_header HOST $host:$server_port;  

        proxy_pass https://host03;  
    }

    #Analytics Platform
    location ~* ^(/Enablement|/IMCC|/sap|/DemandPlanning) {

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_set_header HOST $host:$server_port; 

        proxy_pass https://host02;
    }

    #BAS Gate Keeper
    location =/dispatcher/WebSocketService {

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_pass https://host01;
    }
    location ~* (/dispatcher|/dispatcher/.*) {

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_set_header HOST $host:$server_port;

        proxy_pass https://host01;
    }

    #Mobile Service
    location ~* (/mobileservice|/mobileservice/.*){

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_set_header HOST $host:$server_port; 

        proxy_pass https://host04;
    }

        #ServiceLayer
        location ~* ^(/ServiceLayer)$ {

        rewrite ^(/ServiceLayer)$ /ServiceLayer/ permanent;
        rewrite ^(/servicelayer)$ /ServiceLayer/ permanent;

                client_max_body_size 30m;

                include b1c_proxy_common.conf;
                include b1c_proxy_common_ext.conf;

                proxy_set_header HOST $host:$server_port;

                proxy_pass https://host05;
        }
    location ~* ^(/ServiceLayer/*) {

        rewrite ^/ServiceLayer/(.*)$ /$1 break; 
        rewrite ^/servicelayer/(.*)$ /$1 break;

        include b1c_proxy_common.conf;
        include b1c_proxy_common_ext.conf;

        proxy_set_header HOST $host:$server_port;

        proxy_pass https://host05;
    }

        #XSEngine
        location ~* ^(/XSEngine)$ {

                rewrite ^(/XSEngine)$ /XSEngine/ permanent;
                rewrite ^(/xsengine)$ /XSEngine/ permanent;

                client_max_body_size 30m;

                include b1c_proxy_common.conf;
                include b1c_proxy_common_ext.conf;

                proxy_set_header HOST $host:$server_port;

                proxy_pass https://host06;
        }
        location ~* ^(/XSEngine/*) {

                rewrite ^/XSEngine/(.*)$ /$1 break;
                rewrite ^/xsengine/(.*)$ /$1 break;

                include b1c_proxy_common.conf;
                include b1c_proxy_common_ext.conf;

                proxy_set_header HOST $host:$server_port;

                proxy_pass https://host06;
        }


    location ~* \.(exe|sh)|\W(\.|~)\w+ { deny all; }

    location /monitoring {
        root /var/www/html;
        try_files /monitoring.html =404;
    }

    location / { deny all; }
}

nginx：在其他端口上使用SSL证书

当前代码

0 个答案: