- A+
所属分类:linux技术
用的是express模板。下载的是阿里云Nginx证书。配完nginx.conf,可以用 nginx -t; 检查一下,只要提示is ok和successful就行,
然后重启用 sudo service nginx reload; 如果提示‘Redirecting to /bin/systemctl reload nginx.service’,没有关系。
重点证书不仅要放在Nginx里,项目也是要读取的,没写项目的部分,导致一直连不上,以此为戒。
http{ #nginx.conf里的一些基本配置,此处省略,重点是以下部分 #http配置 upstream aaa.com{ ip_hash; server 127.0.0.1:4000; } server { listen 80; server_name aaa.com www.aaa.com; location /{ proxy_pass http://aaa.com; root /home/officialWebsite/public; index index.html; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } # https配置 upstream bbb.com { server 127.0.0.1:4001; } server { listen 443 ssl; # listen [::]:443 ssl; server_name bbb.com; ssl_certificate /etc/nginx/xxx.pem; # 替换为你的SSL证书路径 ssl_certificate_key /etc/nginx/xxx.key; # 替换为你的SSL私钥路径 location / { proxy_pass https://bbb.com; root /home/officialWebsite/public; index index.html; #proxy_set_header Host $host; #proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Proto $scheme; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } }
bin下的www要开2个端口,一个https,一个http指向。
#!/usr/bin/env node /** * Module dependencies. */ var app = require('../app'); var debug = require('debug')('officialwebsite:server'); var http = require('http'); var https = require('https'); var fs=require("fs"); var path = require('path'); /** * Get port from environment and store in Express. */ var httpPort = '4000';//http的端口号 var httpsPort = '4001';//https的端口号 var port = normalizePort(process.env.PORT || httpPort); app.set('port', port); /** * Create HTTP server. */ var server = http.createServer(app); /** * Listen on provided port, on all network interfaces. */ server.listen(port); server.on('error', onError); server.on('listening', onListening); /** * Normalize a port into a number, string, or false. */ function normalizePort(val) { var port = parseInt(val, 10); if (isNaN(port)) { // named pipe return val; } if (port >= 0) { // port number return port; } return false; } /** * Event listener for HTTP server "error" event. */ function onError(error) { if (error.syscall !== 'listen') { throw error; } var bind = typeof port === 'string' ? 'Pipe ' + port : 'Port ' + port; // handle specific listen errors with friendly messages switch (error.code) { case 'EACCES': console.error(bind + ' requires elevated privileges'); process.exit(1); break; case 'EADDRINUSE': console.error(bind + ' is already in use'); process.exit(1); break; default: throw error; } } /** * Event listener for HTTP server "listening" event. */ function onListening() { var addr = server.address(); var bind = typeof addr === 'string' ? 'pipe ' + addr : 'port ' + addr.port; debug('Listening on ' + bind); console.log('Listening on ' + bind); } var httpsweb={ key:fs.readFileSync(path.join(__dirname, 'xxx.key')),//# 替换为你的SSL私钥路径 cert:fs.readFileSync(path.join(__dirname, 'xxx.pem')),//# 替换为你的SSL证书路径 }; var sserver = https.createServer(httpsweb, app); sserver.listen(httpsPort); console.log('https',httpsPort)
