記一次服務由http轉成https的nginx配置問題，nginx基礎的一些配置就不在這邊說了。

使用了nginx的gzip壓縮功能：用于提升用戶訪問前端頁面的速度

http {include mime.types;default_type application/octet-stream;log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';#access_log logs/access.log main;sendfile on;#tcp_nopush on;#keepalive_timeout 0;keepalive_timeout 65;#前端頁面壓縮,提升用戶訪問速度gzip on;#設置緩沖區大小gzip_buffers 4 16k;#壓縮級別官網建議是6gzip_comp_level 6;#壓縮的類型gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php; client_max_body_size 50m;……

代理前端：

前端使用https的默認端口：443，將443端口轉發到前端端口8080。

證書需要放到服務器上，這里我將證書放到了/opt/nginx/conf/certs/目錄下。

server {#https默認端口443listen 443 default ssl;#配置域名server_name 域名;#配置證書ssl_certificate /opt/nginx/conf/certs/_.域名_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_RSA.域名_RSA.key;ssl_certificate /opt/nginx/conf/certs/_.域名_sm2_sign_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_SM2.域名_SM2.key;ssl_certificate /opt/nginx/conf/certs/_.域名_sm2_encrypt_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_SM2.域名_SM2.key;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers ECC-SM4-SM3:ECDH:AESGCM:HIGH:MEDIUM:!RC4:!DH:!MD5:!aNULL:!eNULL;ssl_prefer_server_ciphers on;access_log logs/access_qd.log main;#將443端口轉發到前端端口8080location / {proxy_set_header Host $host:8080;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_pass http://ip:8080;}error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}

配置后端：

后端使用8082端口進行代理，將8082端口轉發到后端端口8081。

因為我的服務用到了websocket，需要對websocket進行單獨代理，否則連接不上。

server {#nginx代理后端端口listen 8082 ssl;#配置域名server_name 域名;#配置證書ssl_certificate /opt/nginx/conf/certs/_.域名_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_RSA.域名_RSA.key;ssl_certificate /opt/nginx/conf/certs/_.域名_sm2_sign_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_SM2.域名_SM2.key;ssl_certificate /opt/nginx/conf/certs/_.域名_sm2_encrypt_bundle.crt;ssl_certificate_key /opt/nginx/conf/certs/域名_SM2.域名_SM2.key;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers ECC-SM4-SM3:ECDH:AESGCM:HIGH:MEDIUM:!RC4:!DH:!MD5:!aNULL:!eNULL;ssl_prefer_server_ciphers on;access_log logs/access_hd.log main;#如果使用了websocket需要單獨代理location ~/webSocket/ {access_log logs/come-websocket.log;proxy_pass http://ip:8081;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection 'Upgrade';}#將8082端口轉發到后端端口8081location / {proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_pass http://ip:8081;}error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}

配置好之后啟動nginx。

前端訪問后端的地址為：https://域名:8082，用戶訪問前端地址為https://域名。

完成~

總結

以上是生活随笔為你收集整理的前后端分离系统使用Nginx代理https地址的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。