1、免费协议生成器
KeyManager

2、nginx 配置文件
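server {
    # HTTPS listener on port 8232, with HTTP/2 enabled.
    listen 8232 ssl http2;
    # Domain name the certificate is bound to.
    server_name test1.cn;
    # Certificate (chain) file.
    ssl_certificate /etc/nginx/ssl/test1_chain.crt;
    # Private key file.
    # NOTE(review): the key should be readable only by the account that starts nginx - confirm file mode on the host.
    ssl_certificate_key /etc/nginx/ssl/test1_key.key;
    # TLS session parameters may be reused for 5 minutes.
    ssl_session_timeout 5m;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996), and TLS 1.0 is the protocol version BEAST applies to,
    # so only TLS 1.2 is offered. Append TLSv1.3 where the installed nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;
    # Cipher list in OpenSSL syntax: ECDHE-RSA-AES128-GCM-SHA256 first, then the HIGH group, with
    # anonymous, MD5, RC4 and DHE suites excluded. HIGH still admits CBC-mode suites, so this string
    # alone does not address BEAST; dropping TLS 1.0 in ssl_protocols is what does.
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    # Pick the cipher by the server's order (the order of ssl_ciphers) instead of the client's.
    ssl_prefer_server_ciphers on;
    # Maximum number and size of the buffers used to read large client request headers.
    large_client_header_buffers 4 16k;
    # Largest request body nginx will accept.
    # NOTE(review): 512m applies to every location in this server; if only an upload endpoint needs it,
    # a smaller default with a per-location override limits resource-exhaustion exposure - confirm.
    client_max_body_size 512m;
    # Buffer size for reading the request body.
    client_body_buffer_size 128k;
    # Access log path.
    access_log /var/log/nginx/test1.access.log;
    # Error log path.
    error_log /var/log/nginx/test1.error.log;

    # Front end: serve the built static files; a path that matches no file or directory
    # falls back to /index.html, and 404 is returned if that file is missing as well.
    location / {
        root /data/app/plm-test/plm-page/dist/;
        try_files $uri $uri/ /index.html =404;
        index index.html index.htm;
    }

    # Back end: requests under /dev-api/ are proxied with that prefix replaced by "/".
    # The upstream hop is plain HTTP to a private address; TLS ends at this server.
    location /dev-api/ {
        proxy_pass http://192.168.100.212:9204/;
        # $proxy_add_x_forwarded_for appends $remote_addr to whatever X-Forwarded-For the client
        # sent, so the back end should treat only the last entry (or X-Real-IP) as trustworthy.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Real-IP $remote_addr;
    }

    # Static page shown for 5xx errors.
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}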
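server {
    # HTTPS listener on port 8231 for dev1.cn.
    listen 8231 ssl;
    server_name dev1.cn;
    # Certificate (chain) and private key.
    # NOTE(review): the key should be readable only by the account that starts nginx - confirm file mode on the host.
    ssl_certificate /etc/nginx/ssl/dev1_chain.crt;
    ssl_certificate_key /etc/nginx/ssl/dev1_key.key;
    # TLS session parameters may be reused for 5 minutes.
    ssl_session_timeout 5m;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996), so only TLS 1.2 is offered.
    # Append TLSv1.3 where the installed nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;
    # ECDHE-RSA-AES128-GCM-SHA256 first, then the OpenSSL HIGH group, with anonymous,
    # MD5, RC4 and DHE suites excluded. HIGH still admits CBC-mode suites.
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    # Pick the cipher by the server's order instead of the client's.
    ssl_prefer_server_ciphers on;
    # Request header and body limits.
    # NOTE(review): the 512m body limit applies to every location in this server; a smaller default
    # with a per-location override limits resource-exhaustion exposure - confirm what needs it.
    large_client_header_buffers 4 16k;
    client_max_body_size 512m;
    client_body_buffer_size 128k;
    access_log /var/log/nginx/dev1.access.log;
    error_log /var/log/nginx/dev1.error.log;

    # Front end: static files, falling back to /index.html, then 404 if that is missing too.
    location / {
        root /data/app/plm-page/dist/;
        try_files $uri $uri/ /index.html =404;
        index index.html index.htm;
    }

    # Back end: requests under /dev-api/ are proxied with that prefix replaced by "/".
    # The upstream hop is plain HTTP to a private address; TLS ends at this server.
    location /dev-api/ {
        proxy_pass http://192.168.100.213:9204/;
        # $proxy_add_x_forwarded_for appends $remote_addr to whatever X-Forwarded-For the client
        # sent, so the back end should treat only the last entry (or X-Real-IP) as trustworthy.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Real-IP $remote_addr;
    }

    # Static page shown for 5xx errors.
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}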