Nginx-ubuntu install Nginx and configure https

1. Demand###

**Introduction: ** When we deploy the application, we hope to use Nginx and configure https. I have read a lot of articles on the Internet, but they are not very systematic. So write this article for future use.

Second, install Nginx

1. Get the installation package

wget http://nginx.org/download/nginx-1.17.10.tar.gz

1. Unzip

tar -zxvf nginx-1.17.10.tar.gz

1. Configuration

. /configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module

But it will report an error directly

. /configure: error: invalid option "--with-http_ssl_moudle"

Need to install dependencies

apt-get install gcc
apt-get install libpcre3 libpcre3-dev
apt-get install zlib1g zlib1g-dev
# Ubuntu14.No openssl was found in 04's warehouse-dev, by the following openssl and libssl-dev alternative
# apt-get install openssl openssl-dev
sudo apt-get install openssl 
sudo apt-get install libssl-dev
sudo apt-get install libpcre3 libpcre3-dev

Then run the sentence above

installation

make 
make install

Three, configure https

1. Store the https certificate in the /usr/local/nginx/conf directory, I created a new folder cert

2. Edit the configuration file /usr/local/nginx/conf/nginx.conf as follows:

server {
  listen       80;
  server_name your domain name;return301 https://Your domain name$request_uri;

  # charset koi8-r;

  # access_log  logs/host.access.log  main;

  location /{
   proxy_pass http://127.0.0.1:8080;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header X-Forwarded-Port $server_port;}}

server {
  listen       443 ssl;
  server_name your domain name;

  ssl_certificate      cert/Your certificate crt;
  ssl_certificate_key  cert/Your certificate key;

  # ssl_session_cache    shared:SSL:1m;
  # ssl_session_timeout  5m;

  # ssl_ciphers  HIGH:!aNULL:!MD5;
  ssl_session_timeout 24h;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers  on;

  location /{
   proxy_pass http://127.0.0.1:8080;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header X-Forwarded-Port $server_port;}

  location /pic {
   proxy_pass http://127.0.0.1:8081;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header X-Forwarded-Port $server_port;}}

Four, SpringBoot configuration use

1. The configuration is as follows:

server:
 port:8080
 tomcat:
 remote-ip-header: x-forwarded-for
 protocol-header: x-forwarded-proto
 port-header: X-Forwarded-Port
 use-forward-headers:true