版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/u011390452/article/details/79350092
配置nginx配置文件
server {listen 9004 ssl;
server_name 172.16.101.111; #这里是你的域名,要与下面tomcat里的保持一致
ssl_certificate E:/software/ssl/ktminjuredtemp.cer; #这里是在“java生成RSA密钥步骤”中生成的证书
ssl_certificate_key E:/software/ssl/ktminjured.key; #这里是在“从keystore中导出私钥key”生成的私钥,是用java程序从keystore中提取出来的
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /injured/api/v2/check { #这里是nginx代理地址,配合上边域名、端口就是允许外界访问的地址
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
proxy_connect_timeout 240;
proxy_send_timeout 240;
proxy_read_timeout 240;
# note, there is not SSL here! plain HTTP is used
proxy_pass https://172.16.101.111:8443/checkclaim-injured/api/v2/checkClaim/testClaim; #这里是Tomcat方位
}
}
修改Tomcat配置文件
<!--这里的name要与nginx配置文件里的server_name保持一致,如果是本机的话用ip或localhost都可以-->
<Host name="172.16.101.111" appBase="webapps" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="x-forwarded-for" remoteIpProxiesHeader="x-forwarded-by" protocolHeader="x-forwarded-proto" />
</Host>