问题:
解决:
第一种方式 nginx https +tomcat http ,问题在于这样在servlet / jsp / jsf 中检测到的链接还是http,http 重定向可能会重定向到 http
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
server{ # not work tomcat port diffrent listen 80; # not work tomcat port diffrent listen [::]:80; listen 443; listen [::]:443; root /opt/tomcat8/webapps/ROOT; server_name aa.com; ssl on; ssl_certificate /etc/nginx/conf.d/aa.crt; ssl_certificate_key /etc/nginx/conf.d/aa.key; ssl_session_timeout 5m; #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL; #ssl_prefer_server_ciphers on; location /admin { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://localhost:1080/admin; } } |
第二种方式 nginx https + tomcat https ,请参考其他网站;
第三种方式 nginx https + tomcat http (第一种的改造,解决了jsp / servlet /jsf 检测出是https 还是 http ,也能正常跳转)
需要配置好tomcat https 然后nginx
|
|
proxy_pass http://localhost:443/admin; |
tomcat 配置:
|
|
<Connector port="1081" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="1443" proxyPort="443" scheme="https" secure="true" /> |