yum install gcc pcre-devel openssl-devel -y && \
cd /opt && \
wget http://nginx.org/download/nginx-1.20.2.tar.gz && \
tar -zxvf nginx-1.20.2.tar.gz && \
cd nginx-1.20.2 && \
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-stream && \
make && make install
cp /opt/nginx/conf/nginx.conf /opt/nginx
/conf/nginx.conf.bakvim nginx.conf
server {
listen 8043 ssl;
#修改为实际环境的域名
server_name <域名>;
#修改为实际证书
ssl_certificate dataease.top_bundle.crt;
ssl_certificate_key dataease.top.key;
ssl_session_timeout 1d;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
#将IP和端口改为DataEase服务器的访问地址和端口
proxy_pass http://172.31.0.48:9876/;
}
}
/opt/nginx/sbin/nginx
ss -an|grep 8043
tcp LISTEN 0 128 *:8043 *:*
https://域名或IP:8043