1. 在阿里云: https://www.aliyun.com/product/security/markets/aliyun/product/cas 或者腾讯云: https://buy.cloud.tencent.com/ssl?fromSource=ssl 申请证书 (因为阿里云的感觉很慢, 所以我选择了腾讯云, 提交申请之后马上就可以下载证书文件)
2. 上传证书到服务器目录如 /etc/nginx/ssl 下
3. nginx配置 80 端口 转发到 443端口:
server { listen 80; server_name demo.example.com demo2.example.com; rewrite ^(.*)$ https://$host$1 permanent; }
4. nginx配置 443 端口配置:
upstream server1 { ip_hash; server localhost:8081; } server { # server1 # 注意如果配置了多个 443 ssl, 则需要任选一个 设置为 default listen 443 default ssl; server_name demo.example.com; ssl_certificate "/etc/nginx/ssl/1_demo.example_bundle.crt"; ssl_certificate_key "/etc/nginx/ssl/2_demo.example.key"; location /demo-api/ { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-NginX-Proxy true; proxy_pass http://bank; } }
5. 访问浏览器, 看到熟悉的小锁:
