nginx+tomcat+https導入レコード
2300 ワード
1.環境説明
2.openssl生成証明書
3.構成の変更
nginx.conf
tomcat,server.xml
4.起動
5.アクセス
6.備考
win7 64
nginx-1.9.4
apache-tomcat-7.0.63
2.openssl生成証明書
#key
openssl genrsa -des3 -out server.key 2048
# key
openssl rsa -in server.key -out server.key
# CA crt
openssl req -new -x509 -key server.key -out server.crt -days 3650
3.構成の変更
nginx.conf
upstream tomcat {
server 127.0.0.1:8080 fail_timeout=0;
}
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
ssl_certificate E:\wcp-web\server.crt;
ssl_certificate_key E:\wcp-web\server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
location / {
root html;
index index.html index.htm;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
proxy_connect_timeout 240;
proxy_send_timeout 240;
proxy_read_timeout 240;
# note, there is not SSL here! plain HTTP is used
proxy_pass http://tomcat;
}
}
tomcat,server.xml
4.起動
tomcat
startup.bat
Nginx
cmd
cd D:
ginx-1.9.4
D:
ginx-1.9.4>nginx
Nginx
D:
ginx-1.9.4>nginx -s stop
5.アクセス
https://localhost/
6.備考
windows nginx ssl key ,
, :
2011/04/18 09:49:09 [alert] 1992#4548: the event "ngx_master_1992" was
not signaled for 5s
, :
openssl rsa -in server.key -out server.key