|
用的是express模板。下载的是阿里云Nginx证书。配完nginx.conf,可以用 nginx -t; 检查一下,只要提示is ok和successful就行,
然后重启用 sudo service nginx reload; 如果提示‘Redirecting to /bin/systemctl reload nginx.service’,没有关系。
重点证书不仅要放在Nginx里,项目也是要读取的,没写项目的部分,导致一直连不上,以此为戒。- http{
- #nginx.conf里的一些基本配置,此处省略,重点是以下部分
- #http配置
- upstream aaa.com{
- ip_hash;
- server 127.0.0.1:4000;
- }
- server {
- listen 80;
- server_name aaa.com www.aaa.com;
- location /{
- proxy_pass http://aaa.com;
- root /home/officialWebsite/public;
- index index.html;
- }
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- }
- # https配置
- upstream bbb.com {
- server 127.0.0.1:4001;
- }
-
- server {
- listen 443 ssl;
- # listen [::]:443 ssl;
- server_name bbb.com;
- ssl_certificate /etc/nginx/xxx.pem; # 替换为你的SSL证书路径
- ssl_certificate_key /etc/nginx/xxx.key; # 替换为你的SSL私钥路径
- location / {
- proxy_pass https://bbb.com;
- root /home/officialWebsite/public;
- index index.html;
- #proxy_set_header Host $host;
- #proxy_set_header X-Real-IP $remote_addr;
- #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- #proxy_set_header X-Forwarded-Proto $scheme;
- }
- error_page 404 /404.html;
- location = /404.html {
- root /usr/share/nginx/html;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
- }
- }
复制代码
bin下的www要开2个端口,一个https,一个http指向。- #!/usr/bin/env node
- /**
- * Module dependencies.
- */
- var app = require('../app');
- var debug = require('debug')('officialwebsite:server');
- var http = require('http');
- var https = require('https');
- var fs=require("fs");
- var path = require('path');
- /**
- * Get port from environment and store in Express.
- */
- var httpPort = '4000';//http的端口号
- var httpsPort = '4001';//https的端口号
- var port = normalizePort(process.env.PORT || httpPort);
- app.set('port', port);
- /**
- * Create HTTP server.
- */
- var server = http.createServer(app);
- /**
- * Listen on provided port, on all network interfaces.
- */
- server.listen(port);
- server.on('error', onError);
- server.on('listening', onListening);
- /**
- * Normalize a port into a number, string, or false.
- */
- function normalizePort(val) {
- var port = parseInt(val, 10);
- if (isNaN(port)) {
- // named pipe
- return val;
- }
- if (port >= 0) {
- // port number
- return port;
- }
- return false;
- }
- /**
- * Event listener for HTTP server "error" event.
- */
- function onError(error) {
- if (error.syscall !== 'listen') {
- throw error;
- }
- var bind = typeof port === 'string'
- ? 'Pipe ' + port
- : 'Port ' + port;
- // handle specific listen errors with friendly messages
- switch (error.code) {
- case 'EACCES':
- console.error(bind + ' requires elevated privileges');
- process.exit(1);
- break;
- case 'EADDRINUSE':
- console.error(bind + ' is already in use');
- process.exit(1);
- break;
- default:
- throw error;
- }
- }
- /**
- * Event listener for HTTP server "listening" event.
- */
- function onListening() {
- var addr = server.address();
- var bind = typeof addr === 'string'
- ? 'pipe ' + addr
- : 'port ' + addr.port;
- debug('Listening on ' + bind);
- console.log('Listening on ' + bind);
- }
- var httpsweb={
- key:fs.readFileSync(path.join(__dirname, 'xxx.key')),//# 替换为你的SSL私钥路径
- cert:fs.readFileSync(path.join(__dirname, 'xxx.pem')),//# 替换为你的SSL证书路径
- };
- var sserver = https.createServer(httpsweb, app);
- sserver.listen(httpsPort);
- console.log('https',httpsPort)
复制代码
来源:https://www.cnblogs.com/cyfhykx/p/17768639.html
免责声明:由于采集信息均来自互联网,如果侵犯了您的权益,请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容,谢谢合作! |
|