【安装部署】配置 DataEase 使用 https 访问


Administrator
飞致云 发布于 2022-03-02 / 3255 阅读 / 0 评论 /
1. 安装Nginx 2. 添加https证书 3.启动验证

1 安装 Nginx

yum install gcc pcre-devel openssl-devel -y && \
cd /opt && \
wget http://nginx.org/download/nginx-1.20.2.tar.gz && \
tar -zxvf nginx-1.20.2.tar.gz && \
cd nginx-1.20.2 && \
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module  --with-http_realip_module --with-stream && \
make && make install

2 修改 Nginx 配置

备份配置文件:

cp /opt/nginx/conf/nginx.conf /opt/nginx/conf/nginx.conf.bak

将下列 server 加入 nginx.conf:

vim nginx.conf
     server { #强制跳转 https
        listen       80;
        #修改为实际环境的域名
        server_name  bi.ipsunshine.net;
        return      301 https://$server_name$request_uri;
     }
     server {
                listen 443 ssl;
		#修改为实际环境的域名
                server_name <域名>;
		#修改为实际证书
                ssl_certificate dataease.top_bundle.crt;
                ssl_certificate_key dataease.top.key;
                ssl_session_timeout 1d;
                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
                ssl_prefer_server_ciphers on;
                location / {
			#将IP和端口改为DataEase服务器的访问地址和端口
                        proxy_pass   http://172.31.0.48:9876/;
                        server_name_in_redirect off;
                        # websocket 代理
                        proxy_http_version      1.1;
                        proxy_set_header        Upgrade         $http_upgrade;
                        proxy_set_header        Connection "upgrade";

                        proxy_redirect             http:// https://;
                        proxy_set_header           Host $host:$server_port;
                        proxy_set_header           X-Real-IP $remote_addr;
                        proxy_set_header           X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_set_header           X-Forwarded-Proto $scheme;
                }
        }

3 启动 Nginx 并验证

启动 Nginx:

/opt/nginx/sbin/nginx

检查端口:

ss -an|grep 443
tcp    LISTEN     0      128       *:443                  *:*   

在浏览器通过 https 方式访问 Nginx 服务器,会跳转到 DataEase 的页面:

https://域名或IP



是否对你有帮助?