项目需要配置https,根据网上查找资料,进行了以下配置:
1.nginx完整配置文件
#user nobody;
worker_processes 4;
error_log logs/error.log info;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
client_max_body_size 6m;
server {
listen 443 ssl;
server_name www.xxxx.com;
ssl_certificate cert/200000000000006.pem;
ssl_certificate_key cert/200000000000006.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_connect_timeout 3;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_pass http://111.111.111.111:1111;
}
}
server {
listen 80;
server_name xxxx.com;
server_name *.xxxx.com;
location / {
rewrite ^(.*) https://www.xxxx.com permanent;
}
}
}
2.tomcat配置文件
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="1000" maxIdleTime="60000"
minSpareThreads="20"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Connector executor="tomcatThreadPool" port="1111"
protocol="org.apache.coyote.http11.Http11AprProtocol"
maxHttpHeaderSize="8192" maxThreads="1000" processorCache="1000" acceptCount="1000"
minSpareThreads="100" acceptorThreadCount="8" URIEncoding="UTF-8"
enableLookups="false" redirectPort="443" proxyPort="443"
connectionTimeout="120000" keepAliveTimeout="120000"
maxKeepAliveRequests="65535" disableUploadTimeout="true"
compression="on" compressionMinSize="4096"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/plain,application/json,application/x-javascript"/>
<Engine name="xxxx" defaultHost="www.xxxx.com">
<Host name="www.xxxx.com" appBase="webapps" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="X-Forwarded-For"
remoteIpProxiesHeader="x-forwarded-by" protocolHeader="X-Forwarded-Proto"/>
<Context docBase="/usr/local/apache-tomcat-7.0.63/xxxx" path="" reloadable="true" />
</Host>
</Engine>
</Service>
</Server>
启动 nginx 和tomcat后,无法访问。一直连接超时。
麻烦大神帮忙看下,配置哪里有问题,谢谢。