How to upgrade Nginx from http to https

The difference between http and https is

Some websites, when http is opened, the page prompts that it is not safe. For example, if you click on the following website [actually the same website]

How can I get rid of this unsafe prompt? Upgrading from http to https

Look at the final effect:

If you currently have a website, how do you upgrade it? For https

Domain name: 511easy.com

Once you have a domain name, you can apply for a free SSL certificate, as shown in the screenshot below, based on the certificates of each web server. I use nginx

Then you need to configure the nginx.conf configuration, probably using the third one below, the first two are what I use to save.

Compared with http, https is more secure, but not necessarily. Use jmeter/charles/wireshark/fiddle, etc. to generate a certificate, and you can easily capture packets of https websites. Most websites and apps. I can capture packets

 upstream tomcatserver1 {
  server 127.0.0.1:8083;
  }
 upstream tomcatserver2 {
  server 127.0.0.1:8085;
  }
   
   
   
server {
  listen  80;
  server_name 511easy.com;
 
 
  location / {
   proxy_pass http://tomcatserver1;
   index index.html index.htm;
  } 
 }
server {
  listen  80;
  server_name 511easy.com;
 
  location / {
   proxy_pass http://tomcatserver2;
   index index.html index.htm;
  }  
 }

worker_processes 1;
 
events {
 worker_connections 1024;
}
 
 
http {
 include  mime.types;
 default_type application/octet-stream;
 
 sendfile  on;
 
 keepalive_timeout 65;
 
 server {
  listen  80;
  server_name 88bugs;
  location / {
   proxy_pass http://localhost:8083;
  }
  }
 
 server {
  listen  80;
  server_name jenkins;
  location / {
   proxy_pass http://localhost:8080;
  }
  }
}

worker_processes 1;
 
events {
 worker_connections 1024;
}
 
 
http {
 include  mime.types;
 default_type application/octet-stream;
 
 sendfile  on;
 
 keepalive_timeout 65;
 
 
  server {
  listen 443 ssl;
  server_name www.511easy.com;
  
  ssl     on;
  ssl_certificate  1_511easy.com_bundle.crt;
  ssl_certificate_key   2_511easy.com.key;
  ssl_session_timeout 5m;
   
  location / {
   proxy_pass http://localhost:8083;
  }
 
  }
}

Consolidate the meaning of these abbreviations

http ---hyper text transfer protocol, hypertext transfer protocol, is a protocol built on tcp Stateless connection, the entire basic workflow is that the client sends an http request

https ---- hyper text transfer protocol over secure socket layer or hypertext transfer protocol secure

The full name is: Hypertext Secure Transfer Protocol, which can be simply understood as the http protocol that uses ssl encrypted transmission

The default port of http is 80, and the default port of https is 443
ssl is A security protocol that provides security and data integrity for network communications.

Why use https

In order to protect the security of information transmission and data integrity. It makes visitors feel that the website is trustworthy, and for the domestic network environment, it can also prevent broadband operators from forcing advertisements on the website.

If you want two ports on one server to execute different ports with different domain names, nginx can be configured like this

worker_processes 1;
 
events {
 worker_connections 1024;
}
 
 
http {
 include  mime.types;
 default_type application/octet-stream;
 
 sendfile  on;
 
 keepalive_timeout 65;
 
 
  server {
  listen 443 ssl;
  server_name www.88bugs.com;
  
  ssl_certificate  1_88bugs.com_bundle.crt;
  ssl_certificate_key 2_88bugs.com.key;
  ssl_session_timeout 5m;
   
  location / {
   proxy_pass http://localhost:8083;
  }
  }
  
  server {
  listen 443 ssl;
  server_name www.511easy.com;
  
  ssl_certificate  1_511easy.com_bundle.crt;
  ssl_certificate_key 2_511easy.com.key;
  ssl_session_timeout 5m;
   
  location / {
   proxy_pass http://localhost:8085;
  }
  } 
}

The above is the detailed content of How to upgrade Nginx from http to https. For more information, please follow other related articles on the PHP Chinese website!