在nginx上设置ssl证书,启用https,当tomcat里的应用发生转向请求时将转向为http而非https,为此我们需要告诉tomcat已被https代理,方法是增加X-Forwared-Proto和X-Forwarded-Port两个HTTP头信息。
nginx的location配置
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
springboot配置文件设置
server:
port: 8080
max-http-header-size: 10240
use-forward-headers: true
tomcat:
remote-ip-header: x-forwarded-for
protocol_header: x-forwarded-proto
port-header: X-Forwarded-Port