Nginx http升级到https

时间  2019-12-05 标签 nginx http 升级 https

http和https的区别是html

有的网站,http打开的时候,页面提示不安全,好比你点击下面的网站 【实际上是同一个网站】java

http://www.511easy.com/bug/login nginx

http://www.88bugs.com/bug/logintomcat

 

怎样才能去掉这个不安全的提示呢? 从http升级到https呗安全

最终效果看一下:服务器

 

  

若是目前有一个网站,要怎么升级为https呢网络

域名: 511easy.comsession

有域名了就能够申请免费的ssl证书,以下截图,基于各个Web服务器的证书,我这边用的是Nginxapp

那而后就须要配置nginx.conf的配置了,大概就是用下面的第三个,前两个是我用来保存的。网站

 https和http相比,更加安全,不尽然,用jmeter/charles/wireshark/fiddle等,生成一个证书,对https的网站都能进行轻易的抓包,大多数的网站和app,我都可以进行抓包

		upstream tomcatserver1 {
			server 127.0.0.1:8083;
			}
		upstream tomcatserver2 {
			server 127.0.0.1:8085;
			}
			
			
			
	server {
			listen       80;
			server_name  511easy.com;
	 
	 
			location / {
				proxy_pass   http://tomcatserver1;
				index  index.html index.htm;
			}     
		}
	server {
			listen       80;
			server_name  511easy.com;
	  
			location / {
				proxy_pass   http://tomcatserver2;
				index  index.html index.htm;
			}        
		}

  

worker_processes  1;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

	sendfile        on;

    keepalive_timeout  65;

    server {
        listen       80;
        server_name  88bugs;
		location / {
            proxy_pass http://localhost:8083;
        }
     }

	server {
        listen       80;
        server_name  jenkins;
		location / {
            proxy_pass http://localhost:8080;
        }
     }
}

  

 

worker_processes  1;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

	sendfile        on;

    keepalive_timeout  65;

 
	 server { 
	 listen 443 ssl; 
	 server_name www.511easy.com; 
	 
	 ssl 					on; 
	 ssl_certificate 		1_511easy.com_bundle.crt; 
	 ssl_certificate_key 	        2_511easy.com.key; 
	 ssl_session_timeout 	5m; 
		 
	 location / {
            proxy_pass http://localhost:8083;
        }
 
	 }
}

 

巩固一下这几个缩写名词的含义

 

HTTP --- Hyper Text Transfer Protocol,超文本传输协议,是一种创建在TCP上的无状态链接,整个基本的工做流程是客户端发送一个HTTP请求
HTTPS ---- Hyper Text Transfer Protocol over Secure Socket Layer 或 Hypertext Transfer Protocol Secure
全称是:超文本安全传输协议,能够简单理解为使用SSL加密传输的HTTP协议

 


HTTP的默认端口是80,HTTPS的默认端口是443
SSL是为网络通讯提供安全及数据完整性的一种安全协议。

 

为何要使用HTTPS
为了保护信息传输的安全性,数据完整性。让访客以为网站可信任,对于国内的网络环境,也能够防止宽带运营商强制给网站挂广告。

 

 若是但愿一台服务器上,两个端口,分别用不用的域名执行不一样的端口,Nginx能够这么配置

worker_processes  1;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

	sendfile        on;

    keepalive_timeout  65;

 
	 server { 
	 listen 443 ssl; 
	 server_name www.88bugs.com; 
	 
	 ssl_certificate 		1_88bugs.com_bundle.crt; 
	 ssl_certificate_key 	2_88bugs.com.key; 
	 ssl_session_timeout 	5m; 
		 
	 location / {
            proxy_pass http://localhost:8083;
        } 
	 }
	 
	 server { 
	 listen 443 ssl; 
	 server_name www.511easy.com; 
	 
	 ssl_certificate 		1_511easy.com_bundle.crt; 
	 ssl_certificate_key 	2_511easy.com.key; 
	 ssl_session_timeout 	5m; 
		 
	 location / {
            proxy_pass http://localhost:8085;
        } 
	 }
	 
	 
	 
}

  

https://www.88bugs.com/bug/login

https://www.511easy.com/   【目前修改后是指向另外一个端口的项目了】

联系我们 沪ICP备13005482号-10