Shulou(Shulou.com)06/02 Report--

Background

At present, the company's projects are developed in a separate way. Sometimes, due to some new requirements development or bug modification, I want the front end to be directly connected to my local development environment for debugging, but I do not have the front end code, so I can only test it through the front end deployment test environment. The easiest way is to directly change host to point the domain name of the back end test environment to my local IP. This is easy to do for HTTP services, but the company's test environment is all on HTTPS, and my local service is HTTP protocol, so even if the host is changed, the request will fail due to different protocols, so you need to upgrade the local service to HTTPS.

Scheme

In fact, springboot itself supports HTTPS (howto-configure-ssl), but it is not elegant to change the project code, so you want to reverse proxy to the local service with nginx directly, so you don't need to change the code to do HTTPS at the nginx level. You only need to modify host to point the domain name of the backend test environment to the IP of nginx service, and it can be applied to other HTTP service development and debugging.

Issue a certificate

The first step is to generate a set of certificates for the ssl configuration of nginx, and directly use the openssl tool to generate a set of root certificates and corresponding service certificates.

Root certificate generation

# generate a RSA private key openssl genrsa-out root.key 204generate a root certificate openssl req-sha256-new-x509-days 365-key root.key-out root.crt\-subj "/ C=CN/ST=GD/L=SZ/O=lee/OU=work/CN=fakerRoot" through the private key

Server certificate generation

# generate a RSA private key openssl genrsa-out server.key 204generate a certificate signing request file openssl req-new\-sha256\-key server.key\-subj "/ C=CN/ST=GD/L=SZ/O=lee/OU=work/CN=xxx.com"\-reqexts SAN\-config import with SAN extension

Select the previously generated root certificate root.crt to import.

Modify host

When you need to debug, you only need to start the local service, and then resolve the domain name to be tested in host to the IP of the nginx server to forward the front-end request to the development environment. The certificate can be seen through the mini-lock icon in the browser address bar, and the verified service has been successfully deployed.

Postscript

In fact, two solutions have been mentioned in this article, but there are other solutions, such as using fidder as a man-in-the-middle attack.

The above is the whole content of this article, I hope it will be helpful to your study, and I also hope that you will support it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.