关于tomcat+Nginx https配置问题-问答-阿里云开发者社区-阿里云

开发者社区> 问答> 正文

关于tomcat+Nginx https配置问题

落地花开啦 2016-05-26 17:54:44 2690

最近,由于项目要实现登录和注册页面使用https方式访问,其他页面用http方式访问,环境就是tomcat+nginx,于是了解关于nginx的相关配置,
1.配置tomcat增加支持SSL;
2.配置nginx反向代理(但存在问题)],主要问题是怎么实现https和http之间切换及切换时使Session共享。

Tomcat配置:

<Connector port="8080" protocol="HTTP/1.1"
        connectionTimeout="20000"
        redirectPort="8443" />
     
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
        SSLEnabled="true" maxThreads="150"
        scheme="https" secure="true" disableUploadTimeout="true"
        enableLookups="false" acceptCount="100" clientAuth="false"
        SSLCertificateFile="../conf/server.cer"
        SSLCertificateKeyFile="../conf/server.key"
        SSLCertificateChainFile="../conf/intermediate1.cer"
        SSLVerifyClient="none" sslProtocol="TLS" />

nginx配置:

server {
    listen       80;
    server_name  localhost:8080;
 
    #charset koi8-r;
 
    #access_log  logs/host.access.log  main;
 
    location / {
        root   yddweb;
        #index  index.html index.htm;
    proxy_pass http://localhost:8080;
    proxy_set_header Host $host:80;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Via "nginx";
    }
 
# HTTPS server
#
server {
    listen       443;
    server_name  localhost:8443;
 
    ssl                  on;
    ssl_certificate      server.cer;
    ssl_certificate_key  server.key;
 
    ssl_session_timeout  5m;
 
    #ssl_protocols  SSLv2 SSLv3 TLSv1;
    #ssl_ciphers  HIGH:!aNULL:!MD5;
    #ssl_prefer_server_ciphers   on;
 
    location / {
        root   yddweb;
        #index  index.html index.htm;
    proxy_pass https://localhost:8443;
    proxy_set_header Host $host:443;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Via "nginx";
    }
}
应用服务中间件 网络安全 nginx
分享到
取消 提交回答
全部回答(1)
  • 落地花开啦
    2019-07-17 19:16:43

    Tomcat 要将 redirectPort='8443' 改为 443,其他没有什么问题

    0 0
开发与运维
使用钉钉扫一扫加入圈子
+ 订阅

集结各类场景实战经验,助你开发运维畅行无忧

推荐文章
相似问题
推荐课程