Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to realize the https reverse proxy tomcat in nginx. It is very detailed and has certain reference value. Interested friends must read it!

Reverse proxy

In the computer world, because there is a limit to the ability of a single server to handle client (user) requests, when users' access requests pour in, the server will be too busy. Multiple servers can be used to share thousands of user requests, these servers provide the same service, for users, there is no difference at all.

Nginx acts as the front-end agent for distribution, and tomcat handles the request. There are two ways to implement https with nginx instead of tomcat.

Nginx configuration https,tomcat also configures https

1. Nginx configure https

Upstream https_tomcat_web {server 127.0.0.1 upstream https_tomcat_web 8443;} server {ADH 443; server_name www.test.com; index index.html; root / var/www/html/test; ssl on; ssl_certificate / etc/nginx/go.pem; ssl_certificate_key / etc/nginx/go.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1.2; # ssl_ciphers all Ssl_ciphers ECDHEluRSAMUA128MUBE ECDHEVE ECDH https://https_tomcat_web; AESHG HIGHV / null LV A null L RC4; ssl_prefer_server_ciphers on; location ~ ^ / admin {proxy_pass https://https_tomcat_web; / is proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr of https Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100m; client_body_buffer_size 256k; proxy_connect_timeout 60; proxy_send_timeout 30; proxy_read_timeout 30; proxy_buffer_size 8k; proxy_buffers 8 64k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k;} error_page 404 / 404.html Location = / 40x.html {} error_page 500 502 503 504 / 50x.html; location = / 50x.html {}}

2. Https configuration of tomcat, configuration file server.xml

/ / add the following. Omit.

Restart nginx,tomcat after configuration, and you can access it with https, which is the way I configure it now.

2. Nginx adopts https,tomcat and http

1. Nginx configure https

Upstream https_tomcat_web {server 127.0.0.1 upstream https_tomcat_web 8001;} server {ADH 443; server_name www.test.com; index index.html; root / var/www/html/test; ssl on; ssl_certificate / etc/nginx/go.pem; ssl_certificate_key / etc/nginx/go.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1.2; # ssl_ciphers all Ssl_ciphers ECDHEluRSAMUA128MUBE ECDHEVE ECDH http://https_tomcat_web; AESHG HIGHV / null LV A null L RC4; ssl_prefer_server_ciphers on; location ~ ^ / admin {proxy_pass http://https_tomcat_web; / is proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr of http Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 100m; client_body_buffer_size 256k; proxy_connect_timeout 60; proxy_send_timeout 30; proxy_read_timeout 30; proxy_buffer_size 8k; proxy_buffers 8 64k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k;} error_page 404 / 404.html Location = / 40x.html {} error_page 500 502 503 504 / 50x.html; location = / 50x.html {}}

2. Http configuration of tomcat, configuration file server.xml

/ / redirected to port 443 here. Omit.

Restart nginx,tomcat,https and configure it.

Whether it is the first method or the second method, if you access port 8001 directly through http, the browser will prompt you for unsafe access because it is http and has been redirected to https.

These are all the contents of the article "how to implement https reverse proxy tomcat in nginx". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.