[英]NGINX: ssl proxy based on path to multiple apps on localhost with different ports
我正在尝试将nginx配置为将请求代理到主机上运行的具有不同端口的其他服务器,具体取决于请求路径。 为了使事情复杂一点,我希望所有应用程序都使用ssl。 换句话说,我希望nginx执行以下操作:
https://www.example.com/app1 --> http://localhost:8001
https://www.example.com/app2 --> http://localhost:8002
https://www.example.com/app3 --> http://localhost:8003
...
到目前为止,我得到了什么(效果不佳):
# redirecting from http to https
server {
listen 80;
301 https://$host$request_uri;
}
# proxying path to port
server {
listen 443;
ssl_certificate /path/to/cert.pem
ssl_certificate_key /path/to/privkey.pem
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /app1 {
proxy_pass http://localhost:8001
}
location /app2 {
proxy_pass http://localhost:8002
}
location /app3 {
proxy_pass http://localhost:8003
}
}
最终发生的是,nginx仅公开了一个特定的应用程序(该应用程序首先存在)。
关于我在做什么错的任何想法将不胜感激。 谢谢。
将nginc.conf替换为以下内容
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443;
root /usr/share/nginx/html;
ssl on;
ssl_certificate /etc/nginx/ssl/demo.com.crt;
ssl_certificate_key /etc/nginx/ssl/demo.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
chunked_transfer_encoding on;
location /app1 {
proxy_pass http://<private-ip>:8001
}
location /app2 {
proxy_pass http://<private-ip>:8002
}
location /app3 {
proxy_pass http://<private-ip>:8003
}
}
将.crt,.kry文件复制到所需的文件夹中
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.