自签文档链接
重点注意这块,不能写一样的,要是一样的话登录界面锁会报不安全
域名这块跟最后发布的一致
nginx配置的话
server {
listen 443 ssl; //ssl 说明为https 默认端口为443
server_name www.skyys.com; //跟openssl设置的域名保持一致
ssl_certificate /root/CA/root/server.crt; //这里是签证位置
ssl_certificate_key /root/CA/root/server.key; //这里是key
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
//转到83 https转到http,这样后端如果无别的长链接的话就可直接用,
//后端不用转https了;如果后端有websocket的话得在nginx配置才行,访问为 wss:
location / {
proxy_pass http://192.168.254.136:83;
}
}
server {
listen 83;
server_name _;
location / {
root /usr/local/src/lhd/dist;
index index.html index.htm;
}
ssl_prefer_server_ciphers on;
location ^~/api {
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://192.168.254.86:9124;
}
}