为了好管理我们在Nginx的配置文件nginx.conf最后面添加一条语句,Nginx目录根据实际情况自行修改
include /usr/local/nginx/conf/conf.d/*.conf;
这里的意思是引入conf.d目录下面的所有后缀为.conf的配置,这里应该也可以使用相对路径,Windows系统是可以的,Linux我没有测试,大家可以试一下。
然后在conf目录下面创建conf.d目录,并且在conf.d目录下面创建一个ssl.conf文件,内容如下
#配置443端口 server { # ssl配置 listen 443 ssl; # 域名 server_name www.xxx.com; #public key路径 ssl_certificate /usr/local/ssl/xxx.com.pem; #private key路径 ssl_certificate_key /usr/local/ssl/xxx.com.key; ssl_session_timeout 10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { #配置前端项目路径 root /home/www/admin/; try_files $uri $uri/ @router; index index.html index.htm; } location @router { rewrite ^.*$ /index.html last; } location /api/ { # 后端的真实接口 proxy_pass http://localhost:8080/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header Cookie $http_cookie; # for Ajax #fastcgi_param HTTP_X_REQUESTED_WITH $http_x_requested_with; proxy_set_header HTTP-X-REQUESTED-WITH $http_x_requested_with; proxy_set_header HTTP_X_REQUESTED_WITH $http_x_requested_with; proxy_set_header x-requested-with $http_x_requested_with; client_max_body_size 100m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 128k; proxy_buffers 32 32k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; } } #当访问80端口时,转发至443 server { listen 80; server_name www.xxx.com; rewrite ^(.*) https://$server_name$1 permanent; }
浏览器访问前端
https://www.xxx.com
前端访问后台接口的写法
https://www.xxx.com/api/接口名
这样同一个域名下就不会产生跨域了,同时也把https的域名配置好了
