解决方案:
wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
http://nginx.org/download/nginx-1.14.2.tar.gz
useradd nginx
mkdir /usr/local/nginx
yum -y install pcre-devel openssl openssl-devel
tar -zxf nginx-1.14.2.tar.gz
cp -r nginx-1.14.2 /usr/local/nginx/nginx-1.14.2
cd nginx-1.14.2
./configure --prefix=/usr/local/nginx --user=ngin --with-http_ssl_module
make
make install
cd /etc
cp profile profile.2019.03.10
vim profile
修改内容为export PATH=/usr/local/java/jdk1.8.0_201/bin:$PATH:/usr/local/nginx/sbin
source profile
useradd -s /sbin/nologin -M nginx
id nginx
cd /usr/local/nginx/conf
cp nginx.conf nginx.conf.2019.03.10
vim nginx.conf
修改内容为将"#user nobody"的注释#去掉即可
nginx -c /usr/local/nginx/conf/nginx.conf
netstat -tlunp | grep nginx
ps -A|grep nginx
用浏览器访问http://47.101.171.255
cd /usr/local/nginx/conf
cp nginx.conf nginx.conf.2019.3.11
vim nginx.conf // 开放 http 访问日志, 开放gzip压缩
测试配置文件
nginx -t -c /usr/local/nginx/conf/nginx.conf
输出结果为:
[root@hbs20190308 conf]# nginx -t -c /usr/local/nginx/conf/nginx.conf
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@hbs20190308 conf]# nginx -s reload
热加载配置文件: 不停止nginx服务的情况下加载配置文件
nginx -s reload
cd /usr/local/nginx
cd logs
more access.log
进入E盘(PuTTY所在的磁盘)
e:
进入PuTTY文件夹
cd E:\PuTTY
将case01.html上传到Linux服务器的根目录下
pscp F:\html\case01.html root@47.101.171.255:/usr/local/nginx/html/
输入密码登录即可开始上传...
root@47.101.171.255's password:
case01.html | 17 kB | 17.6 kB/s | ETA: 00:00:00 | 100%
恭喜你!上传成功!
E:\PuTTY>
http://47.101.171.255/case01.html
https://wanwang.aliyun.com/domain/?spm=5176.100251.111252.32.4dbe4f153Hs4wv
cd /etc
cp hosts hosts.2019.03.10
vim hosts
按I键进入编辑模式,hosts文件中添加域名解析记录
47.101.171.255 doc.huangbingsen.com
按ESC键退出编辑,输入":wq"保存退出vim编辑模式
用记事本编辑: C:\Windows\System32\drivers\etc\hosts
notepad hosts
添加47.101.171.255 doc.huangbingsen.com保存退出
ping doc.huangbingsen.com 通了说明本地域名解析成功!
C:\WINDOWS\system32>notepad hosts
C:\WINDOWS\system32>ping doc.huangbingsen.com
正在 Ping doc.huangbingsen.com [47.101.171.255] 具有 32 字节的数据:
来自 47.101.171.255 的回复: 字节=32 时间=22ms TTL=52
来自 47.101.171.255 的回复: 字节=32 时间=22ms TTL=52
来自 47.101.171.255 的回复: 字节=32 时间=22ms TTL=52
来自 47.101.171.255 的回复: 字节=32 时间=22ms TTL=52
47.101.171.255 的 Ping 统计信息:
数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 22ms,最长 = 22ms,平均 = 22ms
C:\WINDOWS\system32>
https://common-buy.aliyun.com/?spm=5176.2020520154.cas.3.7861FyCVFyCVUU&commodityCode=cas#/buy
返回根目录
cd
进入nginx安装目录
cd /usr/local/nginx
创建cert目录
mkdir cert
进入E盘(PuTTY所在的磁盘)
e:
进入PuTTY文件夹
cd E:\PuTTY
将1909365_doc.huangbingsen.com_nginx.zip上传到Linux服务器的根目录下
pscp F:\1909365_doc.huangbingsen.com_nginx.zip root@47.101.171.255:/usr/local/nginx/cert/
输入密码登录即可开始上传...
root@47.101.171.255's password:
1909365_doc.huangbingsen. | 3 kB | 4.0 kB/s | ETA: 00:00:00 | 100%
恭喜你,上传成功!
E:\PuTTY>
cd cert
unzip 1909365_doc.huangbingsen.com_nginx.zip
ls
输出结果为1909365_doc.huangbingsen.com.key 1909365_doc.huangbingsen.com_nginx.zip 1909365_doc.huangbingsen.com.pem
cd
cd /usr/local/nginx/conf
touch ums.conf
vim ums.conf
添加以下配置信息
server{
listen 80;
server_name doc.huangbingsen.com;
return 301 https://doc.huangbingsen.com;
}
server{
listen 443;
server_name doc.huangbingsen.com;
ssl on;
ssl_certificate cert/1909365_doc.huangbingsen.com.pem;
ssl_certificate_key cert/1909365_doc.huangbingsen.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root ums;
index addUser.html;
}
}
保存退出!
cd
cd /usr/local/nginx/conf
cp nginx.conf nginx.conf.2019.03.10.1444
vim nginx.conf
找到HTTPS server的配置节点,在该节点上面引入外部的配置文件(即刚才创建的ums.conf文件)
include ums.conf;
保存退出!
nginx -t -c /usr/local/nginx/conf/nginx.conf
错误原因:这可能是证书路径存放的位置不正确导致的,而且只要写绝对路径,就会报错,无论windows还是linux。所以将证书文件放到nginx.conf所在的目录下即可。
cd
cd /usr/local/nginx/cert
将证书文件放到nginx.conf所在的目录/usr/local/nginx/conf/
cp 1909365_doc.huangbingsen.com.key /usr/local/nginx/conf/1909365_doc.huangbingsen.com.key
cp 1909365_doc.huangbingsen.com.pem /usr/local/nginx/conf/1909365_doc.huangbingsen.com.pem
修改ums配置文件
cd /usr/local/nginx/conf
vim ums.conf
修改内容为:
nginx -t -c /usr/local/nginx/conf/nginx.conf
结果输出如下所示,说明配置成功!
[root@hbs20190308 conf]# nginx -t -c /usr/local/nginx/conf/nginx.conf
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
nginx -s reload
打开浏览器访问https://doc.huangbingsen.com或者https://47.101.171.255
cd
cd /usr/local/nginx/conf
vim nginx.conf
找到HTTPS server的配置节点,将该节点#打开,将外部ums.conf配置注释掉
# include ums.conf;
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
ssl on;
ssl_certificate 1909365_doc.huangbingsen.com.pem;
ssl_certificate_key 1909365_doc.huangbingsen.com.key;
#ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
保存退出!
nginx -t -c /usr/local/nginx/conf/nginx.conf
nginx -s reload
测试:https://47.101.171.255/
cd
cd /usr/local/nginx/conf
touch tomcatserver.conf
vim tomcatserver.conf
upstream tomcat{
server 172.19.30.81:8080;
}
server{
listen 80;
server_name 47.101.171.255;
access_log logs/tomcatserver.access.log;
error_log logs/tomcatserver.error.log;
index index.jsp index.html;
location / {
proxy_pass http://tomcat;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_max_temp_file_size 0;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
保存退出!
vim nginx.conf
保存退出
nginx -t -c /usr/local/nginx/conf/nginx.conf
nginx -s reload
浏览器访问http://47.101.171.255
出现以下画面说明反向代理配置成功!
2019/3/10 17:25:32 已解决!