如何使用Express站点在ssl上运行我的nextjs
[英]How can I make my nextjs with Express site work on ssl
问题描述
We have a site running on Next.js and Express. 
我们有一个在Next.js和Express上运行的站点。 This is on a cPanel server with Aapche and together with nginx serving as reverse proxy. 这是在具有Aapche的cPanel服务器上,并与nginx一起用作反向代理。
I need to have ssl on the site. 我需要在网站上有ssl。 But I am quite confuused with how the configurations should be. 但我很清楚配置应该如何。
My server.js : 我的server.js:
const express = require('express')
const next = require('next')
const https = require('https');
const fs = require('fs');
//const forceSSL = require('express-force-ssl')
var ssl_options = {
key: fs.readFileSync('/home/myreactsite.key'),
cert: fs.readFileSync('/home/myreactsite.crt'),
};
const dev = process.env.NODE_ENV !== 'production'
const app = next({ dev })
const handle = app.getRequestHandler()
const favicon = require('serve-favicon')
const path = require('path')
app.prepare()
.then(() => {
const server = express()
server.use(favicon(path.join(__dirname, 'static', 'images', 'favicon.ico')))
server.get('*', (req, res) => {
return handle(req, res)
})
server.listen(3007, (err) => {
if (err) throw err
console.log('> Ready on http://localhost:3007')
})
var httpsServer = https.createServer(ssl_options,server).listen('8445', (err) => {
if (err) throw err
console.log('> Ready on https://localhost:8445')
})
})
.catch((ex) => {
console.error(ex.stack)
process.exit(1)
})
Apache runs on 8080 Nginx runs on 80 Next.js runs on both 3007 and 8445(I prefer it for ssl) Apache运行8080 Nginx运行80. Next.js运行3007和8445(我更喜欢ssl)
My Apache config contains the following to hide the port 3007 我的Apache配置包含以下内容以隐藏端口3007
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://myreactsite.com:3007/
The site works fine if I access it as http://myreactsite.com . 如果我将其作为http://myreactsite.com访问,该网站工作正常。 But it fails when I access https://myreactsite.com though I can access https version by specifying the port number as https://myreactsite.com:8445 但是当我访问https://myreactsite.com时失败但我可以通过将端口号指定为https://myreactsite.com:8445来访问https版本
I want to make it work without specifying the https port. 我想在不指定https端口的情况下使其工作。
How can I get my site to force all pages to https without specifying the port? 如何在不指定端口的情况下让我的网站强制所有页面都进行https?
2 个解决方案
解决方案1
1 已采纳 2017-07-22 22:01:54
You probably want to use Apache for all the SSL handling and listen to the 443 port, then proxy to your 3007 port. 您可能希望使用Apache进行所有SSL处理并侦听443端口,然后代理到您的3007端口。 Try this config: 试试这个配置:
<VirtualHost *:443>
ProxyPreserveHost On
ProxyRequests Off
ServerName myreactsite.com
ServerAlias myreactsite.com
ProxyPass / http://0.0.0.0:3007/
ProxyPassReverse / http://0.0.0.0:3007/
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /home/myreactsite.crt
SSLCertificateKeyFile /home/myreactsite.key
</VirtualHost>
To redirect all HTTP traffic then: 要重定向所有HTTP流量,请:
<VirtualHost *:80>
ServerName myreactsite.com
Redirect / https://myreactsite.com/
</VirtualHost>
解决方案2
0 2017-07-27 11:19:49
Based on @fabian comment, I am posting my working configurations if it helps someone... 基于@fabian评论,我发布我的工作配置,如果它可以帮助某人......
Added the following lines in the 443 virtual host section for the site in apache.conf : 在apache.conf中为站点的443虚拟主机部分添加了以下行:
ProxyPreserveHost On
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://example.com:3000/
ProxyPassReverse / http://example.com:3000/
SSLProxyEngine On
#To redirect to https and www version
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L]
Also, added the following line in the nginx vhost file for the site : 此外,在该站点的nginx vhost文件中添加了以下行:
server {
...
...
#To redirect all http requests to https+www
return 301 https://www.example.com$request_uri;
...
...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.