我正在尝试将Nginx服务器配置为在443以外的其他端口上接受ssl连接。
问题是:
我已经配置了nginx,以便可以在https://example.com访问我的后端应用程序。对https://example.com的呼叫被重定向到http:// localhost:9000,我的前台在此启动。
我在http:// localhost:8380的该服务器上启动了一个qgis服务器,我希望https://example.com:8380引导我到该地址(http:// localhost:8380)。
我试图做这样的事情,但是没有成功:
server {
listen 443 ssl;
server_name example.com;
client_max_body_size 5m;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate /etc/nginx/certs/example.com.crt;
ssl_certificate_key /etc/nginx/certs/example.com.key;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass http://localhost:9000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
}
server {
listen 8380 ssl;
server_name example.com;
client_max_body_size 5m;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate /etc/nginx/certs/example.com.crt;
ssl_certificate_key /etc/nginx/certs/example.com.key;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass http://localhost:8380;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
}
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
我在做什么错了?